out-of-tree kernel {module, exploit} development tool

out-of-tree automates routine actions for creating development environments for debugging kernel modules and exploits and for generating reliability statistics for exploits, and it is easy to integrate into CI (Continuous Integration).

Usage

Build && run module/exploit

$ out-of-tree pew

Test only with one kernel

$ out-of-tree pew --kernel='Ubuntu:4.10.0-30-generic'

Run debug environment

$ out-of-tree debug --kernel='Ubuntu:4.10.0-30-generic'

Test compiled module/exploit

$ out-of-tree pew --binary some_exploit --test some_exploit_test

Identifying vulnerable kernel version

$ out-of-tree pew --guess

And more examples in README.md

Configuration

$ cat kernel-exploit/.out-of-tree.toml
name = "CVE-XXXX-YYYYY exploit"
type = "exploit" # or "module" for LKM

[[supported_kernels]]
distro_type = "Ubuntu"
distro_release = "16.04"
release_mask = "4.4.0-(1|2|3|4)-.*"

[[supported_kernels]]
distro_type = "Ubuntu"
distro_release = "16.04"
release_mask = "4.8.0-(1|2|3|4|5|6|7|8|9|10)-.*"

Installation

If you already have Go, Qemu and Docker installed, there's a cross-platform installation checklist:

$ go get -u code.dumpstack.io/tools/out-of-tree

Test kernel module

$ cd $GOPATH/code.dumpstack.io/tools/out-of-tree/examples/kernel-module
$ out-of-tree kernel autogen # generate kernels based on .out-of-tree.toml
$ out-of-tree pew

Test kernel exploit

$ cd $GOPATH/code.dumpstack.io/tools/out-of-tree/examples/kernel-exploit
$ out-of-tree pew

See also README.md
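
The release_mask values in the configuration above are regular expressions, so it is worth checking which kernel releases they actually cover before generating kernels. The following Go program is an added example, not code from out-of-tree; the struct, the function names and the sample release strings are this example's own, and it assumes a mask must match the whole release string (the page does not show how the tool applies it).

```go
package main

import (
	"fmt"
	"regexp"
)

// SupportedKernel mirrors one [[supported_kernels]] entry from the page's
// .out-of-tree.toml (type and field names are this example's own).
type SupportedKernel struct {
	DistroType, DistroRelease, ReleaseMask string
}

// Covered returns the releases matched by at least one entry's mask.
// Assumption: a mask has to match the whole release string.
func Covered(entries []SupportedKernel, releases []string) ([]string, error) {
	masks := make([]*regexp.Regexp, 0, len(entries))
	for _, e := range entries {
		re, err := regexp.Compile("^(?:" + e.ReleaseMask + ")$")
		if err != nil {
			return nil, fmt.Errorf("bad release_mask %q: %w", e.ReleaseMask, err)
		}
		masks = append(masks, re)
	}
	var out []string
	for _, rel := range releases {
		for _, re := range masks {
			if re.MatchString(rel) {
				out = append(out, rel)
				break // one matching entry is enough
			}
		}
	}
	return out, nil
}

// Entries copied from the configuration on this page.
var pageEntries = []SupportedKernel{
	{"Ubuntu", "16.04", "4.4.0-(1|2|3|4)-.*"},
	{"Ubuntu", "16.04", "4.8.0-(1|2|3|4|5|6|7|8|9|10)-.*"},
}

// Constructed release strings, not output from a real system.
var sampleReleases = []string{"4.4.0-3-generic", "4.4.0-31-generic",
	"4.8.0-10-generic", "4.8.0-11-generic", "4.10.0-30-generic"}

func main() {
	fmt.Println(Covered(pageEntries, sampleReleases))
}
```

The alternation in each mask covers only the listed ABI numbers, so 4.4.0-31 and 4.8.0-11 fall outside the supported set even though they share the base version.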