leviathan/SKELETONKEY
1
0
Fork 0
Code Issues Pull Requests Actions 21 Packages Projects Releases Wiki Activity
Files
8ac041a295ff03918c84599cacefd7d09660d0fd
SKELETONKEY/docs/og.svg
T
leviathan 8ac041a295
release / build (arm64) (push) Waiting to run
Details
release / build (x86_64) (push) Waiting to run
Details
release / build (x86_64-static / musl) (push) Waiting to run
Details
release / build (arm64-static / musl) (push) Waiting to run
Details
release / release (push) Blocked by required conditions
Details
release v0.9.1: VM verification sweep 22 → 27 
Five more CVEs empirically confirmed end-to-end against real Linux VMs:
- CVE-2019-14287 sudo_runas_neg1 (Ubuntu 18.04 + sudoers grant)
- CVE-2020-29661 tioscpgrp        (Ubuntu 20.04 pinned to 5.4.0-26)
- CVE-2024-26581 nft_pipapo       (Ubuntu 22.04 + mainline 5.15.5)
- CVE-2025-32463 sudo_chwoot      (Ubuntu 22.04 + sudo 1.9.16p1 from source)
- CVE-2025-6019  udisks_libblockdev (Debian 12 + udisks2 + polkit rule)

Required real plumbing work:
- Per-module provisioner hook (tools/verify-vm/provisioners/<module>.sh)
- Two-phase provision in verify.sh (prep → reboot if needed → verify)
  fixes silent-fail where new kernel installed but VM never rebooted
- GRUB_DEFAULT pinning in both pin-kernel and pin-mainline blocks
  (kernel downgrades like 5.4.0-169 → 5.4.0-26 now actually boot the target)
- Old-mainline URL fallback in pin-mainline (≤ 4.15 debs at /v$KVER/ not /amd64/)

mutagen_astronomy marked manual: true — mainline 4.14.70 kernel-panics on
Ubuntu 18.04's rootfs ('Failed to execute /init (error -8)' — kernel config
mismatch). Genuinely needs a CentOS 6 / Debian 7 image.
2026-05-23 23:35:02 -04:00

86 lines
4.0 KiB
XML
Raw Blame History

<?xml version="1.0" encoding="UTF-8"?>
<svg xmlns="http://www.w3.org/2000/svg" width="1200" height="630" viewBox="0 0 1200 630">
<defs>
<linearGradient id="bg" x1="0" y1="0" x2="1" y2="1">
<stop offset="0" stop-color="#07070d"/>
<stop offset="1" stop-color="#0c0c16"/>
</linearGradient>
<linearGradient id="brand" x1="0" y1="0" x2="1" y2="0">
<stop offset="0" stop-color="#10b981"/>
<stop offset="1" stop-color="#06b6d4"/>
</linearGradient>
<radialGradient id="glow1" cx="0.2" cy="0.3" r="0.6">
<stop offset="0" stop-color="#10b981" stop-opacity="0.18"/>
<stop offset="1" stop-color="#10b981" stop-opacity="0"/>
</radialGradient>
<radialGradient id="glow2" cx="0.85" cy="0.8" r="0.5">
<stop offset="0" stop-color="#a855f7" stop-opacity="0.16"/>
<stop offset="1" stop-color="#a855f7" stop-opacity="0"/>
</radialGradient>
</defs>
<!-- backgrounds -->
<rect width="1200" height="630" fill="url(#bg)"/>
<rect width="1200" height="630" fill="url(#glow1)"/>
<rect width="1200" height="630" fill="url(#glow2)"/>
<!-- diamond mark -->
<g transform="translate(80,140)">
<rect x="0" y="0" width="36" height="36" transform="rotate(45 18 18)" fill="url(#brand)"/>
</g>
<!-- wordmark -->
<text x="142" y="170" font-family="'Space Grotesk','Inter',sans-serif" font-weight="700" font-size="68" fill="#ecedf7" letter-spacing="-2">
SKELETONKEY
</text>
<!-- tagline -->
<text x="80" y="240" font-family="'Inter',sans-serif" font-size="30" fill="#c5c5d3" font-weight="500">
Curated Linux LPE corpus.
</text>
<text x="80" y="278" font-family="'Inter',sans-serif" font-size="30" fill="#c5c5d3" font-weight="500">
Every year 2016 → 2026. 27 of 34 verified.
</text>
<!-- stat chips -->
<g transform="translate(80,360)">
<!-- 39 modules -->
<rect x="0" y="0" width="190" height="58" rx="29" fill="#161628" stroke="#25253c"/>
<text x="28" y="38" font-family="'JetBrains Mono',monospace" font-weight="700" font-size="22" fill="#ecedf7">39</text>
<text x="64" y="37" font-family="'Inter',sans-serif" font-size="16" fill="#8a8a9d">modules</text>
<!-- 27 VM-verified -->
<rect x="206" y="0" width="240" height="58" rx="29" fill="#161628" stroke="#10b981" stroke-opacity="0.5"/>
<text x="234" y="38" font-family="'JetBrains Mono',monospace" font-weight="700" font-size="22" fill="#34d399">27</text>
<text x="270" y="37" font-family="'Inter',sans-serif" font-size="16" fill="#8a8a9d">✓ VM-verified</text>
<!-- 11 KEV -->
<rect x="482" y="0" width="218" height="58" rx="29" fill="#161628" stroke="#ef4444" stroke-opacity="0.4"/>
<text x="510" y="38" font-family="'JetBrains Mono',monospace" font-weight="700" font-size="22" fill="#ef4444">11</text>
<text x="546" y="37" font-family="'Inter',sans-serif" font-size="16" fill="#8a8a9d">★ in CISA KEV</text>
<!-- 151 rules -->
<rect x="736" y="0" width="232" height="58" rx="29" fill="#161628" stroke="#25253c"/>
<text x="764" y="38" font-family="'JetBrains Mono',monospace" font-weight="700" font-size="22" fill="#ecedf7">151</text>
<text x="810" y="37" font-family="'Inter',sans-serif" font-size="16" fill="#8a8a9d">detection rules</text>
</g>
<!-- terminal mockup -->
<g transform="translate(80,478)">
<rect x="0" y="0" width="1040" height="92" rx="12" fill="#0a0a14" stroke="#25253c"/>
<!-- bar -->
<circle cx="22" cy="22" r="6" fill="#ff5f57"/>
<circle cx="42" cy="22" r="6" fill="#febc2e"/>
<circle cx="62" cy="22" r="6" fill="#28c840"/>
<line x1="0" y1="44" x2="1040" y2="44" stroke="#1c1c2d"/>
<text x="24" y="78" font-family="'JetBrains Mono',monospace" font-size="20" fill="#ecedf7">
<tspan fill="#10b981">$</tspan> skeletonkey --explain nf_tables <tspan fill="#5b5b75"># operator briefing in one command</tspan>
</text>
</g>
<!-- subtle url at very bottom -->
<text x="1120" y="610" font-family="'JetBrains Mono',monospace" font-size="14" fill="#5b5b75" text-anchor="end">
karazajac.github.io/SKELETONKEY
</text>
</svg>
Reference in New Issue View Git Blame Copy Permalink