Closed ma-schulze closed 3 months ago
Awesome that you got PCILeech to work somewhat with DCI :) I wanted to look into this for a long time but I could not find the time with this unfortunately just being my hobby project.
I'm assuming you're using the LINUX_X64_48 signature.
It was a while since I tested this and I'm assuming you're targeting a 64-bit kernel more recent than a year or so. Chances are that something changed that breaks the shellcode ( https://github.com/ufrisk/pcileech/blob/master/pcileech_shellcode/lx64_stage2.asm )
Right now I'm working on a major update for PCILeech/MemProcFS geared towards fixing some long standing FPGA issues primarily related to AMD systems, but also to add new memory analysis functionality for Windows. I really do need to finish this up and release before I start looking into what I'm suspecting may be somewhat dated shellcodes both for Windows and Linux.
I'll put this up as a bug for now. Chances are that I won't be able to find the time to look into this before September though. If you're interested you can take a look at the shellcode. I do suspect that it's some of the exported symbols (at the bottom of the shellcode) that are missing. My best guess is that set_memory_x is missing from your kallsyms; but if you're able please check the other exports as well. Please let me know if you find the culprit.
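Checking a kernel's symbol table for the names a shellcode resolves, as an added example that is not PCILeech's own code: the script below parses `/proc/kallsyms`-style lines (`<address> <type> <name> [module]`) and reports each requested symbol as exported (upper-case type), local-only (lower-case type) or absent. The sample table is constructed for illustration; apart from `set_memory_x`, which the comment above names, the symbol names and addresses in it are placeholders. Pointing `check_symbols` at the real `/proc/kallsyms` works the same way.

```shell
#!/bin/sh
# Added example (not part of PCILeech): report which symbols a shellcode
# expects are present in a kallsyms listing and whether each is exported.
# Line format: "<address> <type> <name> [module]". Lower-case type letters are
# local (unexported) symbols; upper-case letters are global symbols.
# With kptr_restrict set, unprivileged readers see all-zero addresses, but the
# names are still listed, so a presence check works without root.

# Constructed sample standing in for /proc/kallsyms (addresses are made up).
SAMPLE_KALLSYMS='ffffffff81001000 T _text
ffffffff81054320 T set_memory_x
ffffffff81054400 t set_memory_nx_local
ffffffff81210000 T kallsyms_lookup_name
ffffffff812fa000 T module_alloc
ffffffffc0123000 t some_driver_fn [some_driver]'

# check_symbols FILE SYMBOL... : prints one line per symbol and returns the
# number of symbols that are missing or not exported (0 = all usable).
check_symbols() {
    file=$1; shift
    unusable=0
    for sym in "$@"; do
        # Exact match on the name column; first hit wins.
        line=$(awk -v s="$sym" '$3 == s { print; exit }' "$file")
        if [ -z "$line" ]; then
            echo "MISSING   $sym"
            unusable=$((unusable + 1))
            continue
        fi
        type=$(printf '%s\n' "$line" | awk '{ print $2 }')
        case $type in
            [A-Z]) echo "exported  $sym ($type)" ;;
            *)     echo "local     $sym ($type) - present but not exported"
                   unusable=$((unusable + 1)) ;;
        esac
    done
    return "$unusable"
}

# Demo against the constructed sample; one symbol is deliberately absent.
demo_file=$(mktemp)
printf '%s\n' "$SAMPLE_KALLSYMS" > "$demo_file"
check_symbols "$demo_file" set_memory_x kallsyms_lookup_name not_a_real_symbol \
    || echo "$? symbol(s) unusable on this kernel"
rm -f "$demo_file"
```

A non-zero return from `check_symbols` is the count of symbols the shellcode could not use, so the function doubles as a quick go/no-go check before blaming anything else when injection stalls at the "Waiting to receive execution" stage.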
Yup, you were right. I tried out an older kernel and it worked perfectly fine! Thanks for the answer and also thanks for this awesome project! <3
I did some updates to the pcileech which should improve the Linux injections up to around kernel 5.4 (Ubuntu 20.04); the latest versions of the kernel still aren't working properly though; I have to redo the injection code a bit for that.
I've decided to take a look at this when Ubuntu migrates to a new kernel; then I'll see if things really changed around for them as well; or if it's just your distro that is missing some symbols I need. Reason is that there are just way too many Linux kernels for me to keep up with considering this being just a hobby project that I put my free time into. I'll keep the issue open until then.
I'm closing this issue due to old age.
Hi, so I'm trying to inject a kernel module via DMA via DCI debugging (Linux target).
Now it works fine up until the point "KMD: Code inserted into the kernel - Waiting to receive execution." (kmd.c:1361) where it freezes / loops indefinitely.
Do you have any fixes for this? Or can you maybe explain to me what exactly it is waiting for so I can look into it myself? Thanks in advance!