leviathan/CHARON
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
CHARON/LICENSE
T
leviathan a0d7d0b75b charon: initial release — CVE-2026-46333 PoC 
CHARON ferries file descriptors out of dying SUID/SGID processes
through the __ptrace_may_access mm==NULL window in do_exit(),
disclosed by Qualys 2026-05-15 (CVE-2026-46333).

Default behavior: dump /etc/shadow to stdout, banner + progress on
stderr. --quiet for pure-pipe output, --verbose for stats.

Built-in lures cover Debian/Ubuntu (chage SGID-shadow), RHEL family
(chage SUID-root), and ssh-keysign. Patched-kernel detection
distinguishes "primitive fires but lure didn't open target" from
"pidfd_getfd never succeeded → fix is in place".

Pre-built 46KB musl-static binary included as charon-static.
2026-05-15 23:15:58 -04:00

30 lines
1.3 KiB
Plaintext
Raw Permalink Blame History

CHARON — research / authorized-defensive use license
======================================================
Copyright (c) 2026 Kara Zajac.
Permission is hereby granted, free of charge, to any person obtaining
a copy of this software and associated documentation files (the
"Software"), to deal in the Software for the purposes of:
(a) authorized security testing of systems they own or have
written authorization to test,
(b) defensive research, including the development of detection,
mitigation, and patch-management tooling,
(c) educational use in academic or training contexts.
Use of the Software to gain unauthorized access to computer systems
or data is strictly prohibited. The recipient is solely responsible
for ensuring that their use of the Software complies with applicable
law and any contractual obligations under which their systems
operate.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.
Reference in New Issue View Git Blame Copy Permalink