SKELETONKEY

leviathan/SKELETONKEY

Fork 0

Commit Graph

Author	SHA1	Message	Date
leviathan	ac557b67d0	review pass: fidelity + credits + count consistency for ported modules Three-agent rigorous review of the dirtydecrypt + fragnesia ports plus repo-wide doc consistency, followed by a full Linux build verification. dirtydecrypt (NOTICE + detection rules): - NOTICE.md: removed an unsupported "Zellic co-founder" detail and a fabricated disclosure-date narrative; tightened phrasing of the Zellic + V12 credit; noted that upstream poc.c carries no author/license header of its own. - Embedded auditd + sigma rules and detect/sigma.yml broadened to cover every binary in dd_targets[] (added /usr/bin/mount, /usr/bin/passwd, /usr/bin/chsh) and added the b32 splice rule, so the embedded ruleset matches the on-disk reference and the carrier list the exploit actually targets. - Exploit primitive verified byte-for-byte against the V12 PoC (tiny_elf[] identical, all rxgk/XDR/fire/pagecache_write logic token-identical). docker gcc:latest compile of the Linux path: COMPILE_OK, zero warnings. fragnesia: review found no defects. Exploit primitive byte-identical to the V12 PoC (shell_elf[] 192 bytes identical, AF_ALG GCM keystream table + userns/netns/XFRM + receiver/sender/run_trigger_pair all faithful). The deliberate omissions (ANSI TUI, CLI arg parsing) drop nothing exploit-critical. docker gcc:latest compile: COMPILE_OK; full project build links into a working skeletonkey ELF and --list shows the module registered correctly. Repo docs (README.md / CVES.md / ROADMAP.md): - Chose to keep "28 verified" as the headline; the two ported modules are represented as a separate clearly-labelled tier ("ported-but-unverified") that is explicitly excluded from the 28-module verified counts. README + CVES.md + ROADMAP.md now tell one consistent story. - Filled a pre-existing documentation gap: sudo_samedit, sequoia, sudoedit_editor, vmwgfx were registered + built but absent from CVES.md's inventory + operations tables. Added rows synthesized from each module's .cve / .summary / .kernel_range fields. - ROADMAP Phase 8 "7 🟡 PRIMITIVE modules" → "14"; added a "Landed since v0.1.0" group; moved vmwgfx out of the stale carry-overs. docs site (docs/index.html): - Stat box "28 / total modules" → "28 / verified modules" (the 14+14 breakdown now sums to the headline consistently). - Terminal example "scanning 28 modules" → "scanning 30 modules" (was factually wrong — the binary literally prints module_count() which is 30). - Status line: updated to mention the 2 ported-but-unverified modules and mirror the README phrasing. - docs/LAUNCH.md left as a dated v0.5.0 launch snapshot. Build verification: `docker run gcc:latest make clean && make` — links into a 30-module skeletonkey ELF on Linux. macOS dev box still hits the pre-existing dirty_pipe header gap; unchanged. .gitignore: added /skeletonkey to exclude the top-level build artifact (the existing modules/*/skeletonkey only covered per-module binaries; the root one was getting picked up by `git add -A`).	2026-05-22 18:41:37 -04:00
leviathan	a8c8d5ef1f	modules: add dirtydecrypt (CVE-2026-31635) + fragnesia (CVE-2026-46300) Two new page-cache-write LPE modules, both ported from the public V12 security PoCs (github.com/v12-security/pocs): - dirtydecrypt (CVE-2026-31635): rxgk missing-COW in-place decrypt. rxgk_decrypt_skb() decrypts spliced page-cache pages before the HMAC check, corrupting the page cache of a read-only file. Sibling of Copy Fail / Dirty Frag in the rxrpc subsystem. - fragnesia (CVE-2026-46300): XFRM ESP-in-TCP skb_try_coalesce() loses the SHARED_FRAG marker, so the ESP-in-TCP receive path decrypts page-cache pages in place. A latent bug exposed by the Dirty Frag fix (f4c50a4034e6). Retires the old _stubs/fragnesia_TBD stub. Both wrap the PoC exploit primitive in the skeletonkey_module interface: detect/exploit/cleanup, an --active /tmp sentinel probe, --no-shell support, and embedded auditd + sigma rules. The exploit body runs in a forked child so the PoC's exit()/die() paths cannot tear down the dispatcher. The fragnesia port drops the upstream PoC's ANSI TUI (incompatible with a shared dispatcher); the exploit mechanism is reproduced faithfully. Linux-only code is guarded with #ifdef __linux__ so the modules still compile on non-Linux dev boxes. VERIFICATION: ported, NOT yet validated end-to-end on a vulnerable-kernel VM. The CVE fix commits are not pinned, so detect() is precondition-only (PRECOND_FAIL / TEST_ERROR, never a blind VULNERABLE) and --auto will not fire them unless --active confirms. macOS stub-path compiles verified locally; the Linux exploit-path build is covered by CI (build.yml, ubuntu) only. See each MODULE.md. Wiring: core/registry.h, skeletonkey.c, Makefile, CVES.md, ROADMAP.md.	2026-05-22 18:22:30 -04:00

Author

SHA1

Message

Date

leviathan

ac557b67d0

review pass: fidelity + credits + count consistency for ported modules

Three-agent rigorous review of the dirtydecrypt + fragnesia ports plus
repo-wide doc consistency, followed by a full Linux build verification.

dirtydecrypt (NOTICE + detection rules):
- NOTICE.md: removed an unsupported "Zellic co-founder" detail and a
  fabricated disclosure-date narrative; tightened phrasing of the
  Zellic + V12 credit; noted that upstream poc.c carries no
  author/license header of its own.
- Embedded auditd + sigma rules and detect/sigma.yml broadened to
  cover every binary in dd_targets[] (added /usr/bin/mount,
  /usr/bin/passwd, /usr/bin/chsh) and added the b32 splice rule, so
  the embedded ruleset matches the on-disk reference and the carrier
  list the exploit actually targets.
- Exploit primitive verified byte-for-byte against the V12 PoC
  (tiny_elf[] identical, all rxgk/XDR/fire/pagecache_write logic
  token-identical). docker gcc:latest compile of the Linux path:
  COMPILE_OK, zero warnings.

fragnesia: review found no defects. Exploit primitive byte-identical
to the V12 PoC (shell_elf[] 192 bytes identical, AF_ALG GCM keystream
table + userns/netns/XFRM + receiver/sender/run_trigger_pair all
faithful). The deliberate omissions (ANSI TUI, CLI arg parsing) drop
nothing exploit-critical. docker gcc:latest compile: COMPILE_OK; full
project build links into a working skeletonkey ELF and --list shows
the module registered correctly.

Repo docs (README.md / CVES.md / ROADMAP.md):
- Chose to keep "28 verified" as the headline; the two ported
  modules are represented as a separate clearly-labelled tier
  ("ported-but-unverified") that is explicitly excluded from the
  28-module verified counts. README + CVES.md + ROADMAP.md now tell
  one consistent story.
- Filled a pre-existing documentation gap: sudo_samedit, sequoia,
  sudoedit_editor, vmwgfx were registered + built but absent from
  CVES.md's inventory + operations tables. Added rows synthesized
  from each module's .cve / .summary / .kernel_range fields.
- ROADMAP Phase 8 "7 🟡 PRIMITIVE modules" → "14"; added a "Landed
  since v0.1.0" group; moved vmwgfx out of the stale carry-overs.

docs site (docs/index.html):
- Stat box "28 / total modules" → "28 / verified modules" (the 14+14
  breakdown now sums to the headline consistently).
- Terminal example "scanning 28 modules" → "scanning 30 modules"
  (was factually wrong — the binary literally prints module_count()
  which is 30).
- Status line: updated to mention the 2 ported-but-unverified
  modules and mirror the README phrasing.
- docs/LAUNCH.md left as a dated v0.5.0 launch snapshot.

Build verification: `docker run gcc:latest make clean && make` —
links into a 30-module skeletonkey ELF on Linux. macOS dev box still
hits the pre-existing dirty_pipe header gap; unchanged.

.gitignore: added /skeletonkey to exclude the top-level build
artifact (the existing modules/*/skeletonkey only covered per-module
binaries; the root one was getting picked up by `git add -A`).

2026-05-22 18:41:37 -04:00

leviathan

a8c8d5ef1f

modules: add dirtydecrypt (CVE-2026-31635) + fragnesia (CVE-2026-46300)

Two new page-cache-write LPE modules, both ported from the public V12
security PoCs (github.com/v12-security/pocs):

- dirtydecrypt (CVE-2026-31635): rxgk missing-COW in-place decrypt.
  rxgk_decrypt_skb() decrypts spliced page-cache pages before the HMAC
  check, corrupting the page cache of a read-only file. Sibling of
  Copy Fail / Dirty Frag in the rxrpc subsystem.

- fragnesia (CVE-2026-46300): XFRM ESP-in-TCP skb_try_coalesce() loses
  the SHARED_FRAG marker, so the ESP-in-TCP receive path decrypts
  page-cache pages in place. A latent bug exposed by the Dirty Frag
  fix (f4c50a4034e6). Retires the old _stubs/fragnesia_TBD stub.

Both wrap the PoC exploit primitive in the skeletonkey_module
interface: detect/exploit/cleanup, an --active /tmp sentinel probe,
--no-shell support, and embedded auditd + sigma rules. The exploit
body runs in a forked child so the PoC's exit()/die() paths cannot
tear down the dispatcher. The fragnesia port drops the upstream PoC's
ANSI TUI (incompatible with a shared dispatcher); the exploit
mechanism is reproduced faithfully. Linux-only code is guarded with
#ifdef __linux__ so the modules still compile on non-Linux dev boxes.

VERIFICATION: ported, NOT yet validated end-to-end on a
vulnerable-kernel VM. The CVE fix commits are not pinned, so detect()
is precondition-only (PRECOND_FAIL / TEST_ERROR, never a blind
VULNERABLE) and --auto will not fire them unless --active confirms.
macOS stub-path compiles verified locally; the Linux exploit-path
build is covered by CI (build.yml, ubuntu) only. See each MODULE.md.

Wiring: core/registry.h, skeletonkey.c, Makefile, CVES.md, ROADMAP.md.

2026-05-22 18:22:30 -04:00

2 Commits