Looking at the output, it seems we are good to continue down this path. Our next step is to generate the payload we want the exploit to execute, which will be our reverse shell. The automation scripts in this repo build the shellcode for both `x86` and `x64`, but for our purposes we'll only generate one stageless payload for `x64` (this is an educated guess about the target's architecture). If you take a look at the script `shellcode/shell_prep.sh`, you can see what needs to be done. Basically, we use `nasm` to assemble the kernel shellcode, generate our reverse shell with `msfvenom`, then combine the two: