Damn Vulnerable Kernel Module for kernel fuzzing
This example kernel module is designed to facilitate fuzzing with syzkaller, an efficient kernel fuzzer. It incorporates deliberately vulnerable code that showcases various types of security vulnerabilities, such as integer overflow, integer underflow, use-after-free, double free, stack and heap overflows, and out-of-bounds read/write scenarios.
The module has been derived from a previous project of mine, the "Damn Vulnerable C Program" (available at [https://github.com/hardik05/Damn_Vulnerable_C_Program]), which was crafted for the purpose of understanding and practicing user-mode fuzzing techniques. With this kernel module, I intend to provide a learning platform for those interested in exploring kernel-mode fuzzing.
By utilizing this module as a testbed, security researchers and enthusiasts can gain hands-on experience in identifying and mitigating these critical vulnerabilities. It serves as a valuable resource for understanding the inner workings of security flaws in kernel code and devising effective ways to enhance system robustness.
Feel free to utilize this example kernel module to learn and improve your skills in kernel-mode fuzzing and contribute to the broader goal of enhancing kernel security.
- download linux kernel source code.
- copy dvkm.c to linux/lib dir.
- modify Makefile to include dvkm.o
- run make commmand
- just run
"make"
- then use
sudo insmod dvkm.ko - if you want to remove use "sudo rmmod dvkm"
compile and install dvkm first and then check test_dvkm.c, modify it to suit you needs.
umm, you need to figure it out at your own. I will create a video/blog later on.
Yes please, i will add it here so that it helps others. you can either send a PR request or just send me a message and i will add link here.
Sure, please send PR.