Created
March 13, 2023 06:43
-
-
Save joelagnel/bc40d8c4c99daf7c8092e8a1cf499a32 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#include <linux/module.h> | |
#include <linux/kernel.h> | |
#include <linux/init.h> | |
#include <linux/string.h> | |
#include <linux/slab.h> | |
static char *crash_type = "null"; | |
module_param(crash_type, charp, S_IRUGO | S_IWUSR); | |
MODULE_LICENSE("GPL"); | |
MODULE_AUTHOR("Your Name <your_email@example.com>"); | |
MODULE_DESCRIPTION("Kernel crasher module"); | |
static void crash_null_pointer(void) { | |
int *ptr = NULL; | |
*ptr = 0; | |
} | |
static void crash_divide_by_zero(void) { | |
int a = 1, b = 0; | |
a = a / b; | |
} | |
static void crash_stack_overflow(void) { | |
char buf[1024]; | |
memset(buf, 0, 1024); | |
crash_stack_overflow(); | |
} | |
static void crash_buffer_overflow(void) { | |
char *buf = kmalloc(8, GFP_KERNEL); | |
strcpy(buf, "1234567890123456789012345678901234567890"); | |
} | |
static void crash_page_fault(void) { | |
asm volatile("movl $0x0, (0x0)"); | |
} | |
static void crash_general_protection_fault(void) { | |
asm volatile("int $0x0"); | |
} | |
static void crash_invalid_opcode(void) { | |
asm volatile(".byte 0xff"); | |
} | |
static void crash_out_of_memory(void) { | |
while (1) { | |
kmalloc(-1, GFP_KERNEL); | |
} | |
} | |
static void crash_null_function_pointer(void) { | |
void (*func)(void) = NULL; | |
func(); | |
} | |
static void crash_bad_function_pointer(void) { | |
void (*func)(void) = (void (*)(void))0xffffffff; | |
func(); | |
} | |
static void crash_uninitialized_variable(void) { | |
int a; | |
printk(KERN_INFO "%d\n", a); | |
} | |
static void crash_use_after_free(void) { | |
char *buf = kmalloc(8, GFP_KERNEL); | |
kfree(buf); | |
printk(KERN_INFO "%c\n", buf[0]); | |
} | |
static void crash_divide_by_random_number(void) { | |
int a = 1, b = prandom_u32(); | |
a = a / b; | |
} | |
static void crash_use_uninitialized_pointer(void) { | |
int *ptr; | |
printk(KERN_INFO "%d\n", *ptr); | |
} | |
static void crash_interrupt_kernel(void) { | |
local_irq_disable(); | |
} | |
static void crash_call_user_function(void) { | |
void (*user_function)(void); | |
user_function = (void (*)(void))0xc0000000; | |
user_function(); | |
} | |
static void crash_corrupted_kernel_data(void) { | |
char *buf = (char *)0xc0000000; | |
*buf = 'a'; | |
} | |
static void crash_null_system_call(void) { | |
asm volatile("int $0x80"); | |
} | |
static void crash_kernel_panic(void) { | |
panic("kernel_panic"); | |
} | |
static void crash_hung_task(void) { | |
while (1) { | |
schedule(); | |
} | |
} | |
static int __init crash_init(void) | |
{ | |
printk(KERN_INFO "Crasher module loaded\n"); | |
if (strcmp(crash_type, "null") == 0) { | |
crash_null_pointer(); | |
} else if (strcmp(crash_type, "divide_by_zero") == 0) { | |
crash_divide_by_zero(); | |
} else if (strcmp(crash_type, "stack_overflow") == 0) { | |
crash_stack_overflow(); | |
} else if (strcmp(crash_type, "buffer_overflow") == 0) { | |
crash_buffer_overflow(); | |
} else if (strcmp(crash_type | |
... | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment