Skip to content

Commit

Permalink
Create a new binary by copying it form existing binary instead of cre…
Browse files Browse the repository at this point in the history
…ating a new binary

Signed-off-by: GLVS Kiriti <[email protected]>
  • Loading branch information
GLVSKiriti authored and poiana committed Apr 9, 2024
1 parent cba5af9 commit b09fc0f
Showing 1 changed file with 17 additions and 13 deletions.
30 changes: 17 additions & 13 deletions events/syscall/drop_and_execute_new_binary_in_container.go
Original file line number Diff line number Diff line change
Expand Up @@ -25,28 +25,32 @@ var _ = events.Register(DropAndExecuteNewBinaryInContainer)

func DropAndExecuteNewBinaryInContainer(h events.Helper) error {
if h.InContainer() {
binaryPath := "/tmp/created-by-event-generator"
exampleCode := `package main
func main() {}`
// Find the path of the ls binary
lsPath, err := exec.LookPath("ls")
if err != nil {
h.Log().WithError(err).Error("ls binary not found")
return err
}

err := os.WriteFile(binaryPath+".go", []byte(exampleCode), 0644) // Create a sample .go file
// Read the ls binary content
lsContent, err := os.ReadFile(lsPath)
if err != nil {
h.Log().WithError(err).Error("failed to write source code to file")
return err
}
defer os.Remove(binaryPath + ".go") // Remove at end

// Compile the .go file into an executable binary
compileCmd := exec.Command("go", "build", "-o", binaryPath, binaryPath+".go")
if err := compileCmd.Run(); err != nil {
h.Log().WithError(err).Error("failed to compile Go code")
// New binary which is duplicate of ls binary
newBinaryPath := "/bin/ls-created-by-event-generator"

err = os.WriteFile(newBinaryPath, lsContent, 0755)
if err != nil {
h.Log().WithError(err).Error("failed to create new file in /bin")
return err
}
defer os.Remove(binaryPath) // Remove at end
defer os.Remove(newBinaryPath) // CleanUp

executeCmd := exec.Command(exampleCode)
executeCmd := exec.Command(newBinaryPath)
h.Log().Info("Executed a binary not part of base image")
return executeCmd.Run()
executeCmd.Run() // Rule triggers even the command is not successful
}
return nil
}

0 comments on commit b09fc0f

Please sign in to comment.