mirror of https://github.com/eunomia-bpf/bpf-developer-tutorial.git synced 2026-02-03 18:24:27 +08:00

Files

云微 5055d062dc Move submodule to src/third_party and remove duplicated (#65 )

* add submodule

* fix duplicate submodule

* fix submodule and remove duplicate code

* fix blazsym version

2023-08-18 21:39:31 +08:00

.gitignore

fix code for 24-27

2023-05-31 01:59:30 +08:00

common_um.h

add code for hide signal sudo and replace

2023-05-31 01:59:30 +08:00

common.h

fix code for 24-27

2023-05-31 01:59:30 +08:00

LICENSE

add code for hide signal sudo and replace

2023-05-31 01:59:30 +08:00

Makefile

Move submodule to src/third_party and remove duplicated (#65 )

2023-08-18 21:39:31 +08:00

README_en.md

add English doc (#55 )

2023-08-08 15:55:55 +08:00

README.md

fix code for 24-27

2023-05-31 01:59:30 +08:00

sudoadd.bpf.c

fix code for 24-27

2023-05-31 01:59:30 +08:00

sudoadd.c

add code for hide signal sudo and replace

2023-05-31 01:59:30 +08:00

README_en.md

Using eBPF to add sudo user

Compilation:

make

Usage:

sudo ./sudoadd --username lowpriv-user

This program allows a user with lower privileges to become root using sudo.

It works by intercepting sudo reading the /etc/sudoers file and overwriting the first line with <username> ALL=(ALL:ALL) NOPASSWD:ALL #. This tricks sudo into thinking that the user is allowed to become root. Other programs like cat or sudoedit are not affected, so the file remains unchanged and the user does not have these permissions. The # at the end of the line ensures that the rest of the line is treated as a comment, so it does not break the logic of the file.

References

https://github.com/pathtofile/bad-bpf