-
Notifications
You must be signed in to change notification settings - Fork 435
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
67 changed files
with
5,417 additions
and
519 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -40,4 +40,6 @@ Cargo.lock | |
*.json | ||
*CMakeFiles* | ||
*vcpkg_installed | ||
*node_modules | ||
*node_modules | ||
*.output/ | ||
build |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,145 @@ | ||
<!-- PROJECT LOGO --> | ||
<p align="center"> | ||
<h3 align="center">JVMProbe</h3> | ||
|
||
<p align="center"> | ||
JVM runtime application self-protection. | ||
<br /> | ||
<br /> | ||
<a href="https://github.com/bytedance/Elkeid/issues">Report Bug</a> | ||
· | ||
<a href="https://github.com/bytedance/Elkeid/issues">Request Feature</a> | ||
</p> | ||
</p> | ||
|
||
|
||
|
||
<!-- TABLE OF CONTENTS --> | ||
<details open="open"> | ||
<summary>Table of Contents</summary> | ||
<ol> | ||
<li> | ||
<a href="#about-the-project">About The Project</a> | ||
<ul> | ||
<li><a href="#built-with">Built With</a></li> | ||
</ul> | ||
</li> | ||
<li> | ||
<a href="#getting-started">Getting Started</a> | ||
<ul> | ||
<li><a href="#prerequisites">Prerequisites</a></li> | ||
<li><a href="#installation">Installation</a></li> | ||
</ul> | ||
</li> | ||
<li><a href="#usage">Usage</a></li> | ||
<li><a href="#roadmap">Roadmap</a></li> | ||
<li><a href="#contributing">Contributing</a></li> | ||
<li><a href="#license">License</a></li> | ||
<li><a href="#contact">Contact</a></li> | ||
<li><a href="#acknowledgements">Acknowledgements</a></li> | ||
</ol> | ||
</details> | ||
|
||
|
||
|
||
<!-- ABOUT THE PROJECT --> | ||
## About The Project | ||
|
||
Modify class bytecode by using [ASM](https://asm.ow2.io), transfer api call arguments/stacktrace by unix socket. | ||
|
||
### Built With | ||
|
||
* [OpenJDK](https://openjdk.java.net) | ||
* [Gradle](https://gradle.org) | ||
|
||
|
||
|
||
<!-- GETTING STARTED --> | ||
## Getting Started | ||
|
||
### Prerequisites | ||
|
||
* OpenJDK | ||
```sh | ||
wget https://download.java.net/openjdk/jdk11/ri/openjdk-11+28_linux-x64_bin.tar.gz | ||
``` | ||
|
||
### Installation | ||
|
||
1. Clone the repo | ||
```sh | ||
git clone https://github.com/bytedance/Elkeid.git | ||
``` | ||
2. Build | ||
```sh | ||
mkdir -p output && ./gradlew shadow && cp build/libs/JVMProbe-1.0-SNAPSHOT-all.jar output/SmithAgent.jar | ||
``` | ||
|
||
|
||
|
||
<!-- USAGE EXAMPLES --> | ||
## Usage | ||
|
||
Start server: | ||
```sh | ||
# each message is be composed of a 4-byte length header, and a json string. | ||
socat UNIX-LISTEN:"/var/run/smith_agent.sock" - | ||
``` | ||
|
||
Loader mode: | ||
```sh | ||
java -javaagent:SmithAgent.jar -jar application.jar | ||
``` | ||
|
||
Attach mode by using [jattach](https://github.com/apangin/jattach): | ||
```sh | ||
jattach $(pidof java) load instrument false SmithAgent.jar | ||
``` | ||
|
||
|
||
|
||
<!-- ROADMAP --> | ||
## Roadmap | ||
|
||
See the [open issues](https://github.com/bytedance/Elkeid/issues) for a list of proposed features (and known issues). | ||
|
||
|
||
|
||
<!-- CONTRIBUTING --> | ||
## Contributing | ||
|
||
Contributions are what make the open source community such an amazing place to be learn, inspire, and create. Any contributions you make are **greatly appreciated**. | ||
|
||
1. Fork the Project | ||
2. Create your Feature Branch (`git checkout -b feature/AmazingFeature`) | ||
3. Commit your Changes (`git commit -m 'Add some AmazingFeature'`) | ||
4. Push to the Branch (`git push origin feature/AmazingFeature`) | ||
5. Open a Pull Request | ||
|
||
|
||
|
||
<!-- LICENSE --> | ||
## License | ||
|
||
Distributed under the Apache-2.0 License. | ||
|
||
|
||
|
||
<!-- CONTACT --> | ||
## Contact | ||
|
||
Bytedance - [@bytedance](https://github.com/bytedance) | ||
|
||
Project Link: [https://github.com/bytedance/Elkeid](https://github.com/bytedance/Elkeid) | ||
|
||
|
||
|
||
<!-- ACKNOWLEDGEMENTS --> | ||
## Acknowledgements | ||
* [ASM](https://asm.ow2.io) | ||
* [snakeyaml](https://github.com/asomov/snakeyaml) | ||
* [jackson](https://github.com/FasterXML/jackson) | ||
* [commons-lang](https://commons.apache.org/proper/commons-lang) | ||
* [netty](https://netty.io) | ||
* [Disruptor](https://github.com/LMAX-Exchange/disruptor) | ||
* [Javassist](https://www.javassist.org) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,38 @@ | ||
plugins { | ||
id 'java-library' | ||
id 'com.github.johnrengelman.shadow' version '6.0.0' | ||
} | ||
|
||
group 'com.security' | ||
version '1.0-SNAPSHOT' | ||
|
||
repositories { | ||
mavenCentral() | ||
} | ||
|
||
dependencies { | ||
implementation group: 'org.apache.commons', name: 'commons-lang3', version: '3.11' | ||
implementation group: 'io.netty', name: 'netty-all', version: '4.1.85.Final' | ||
} | ||
|
||
compileJava { | ||
options.release.set(8) | ||
} | ||
|
||
jar { | ||
manifest { | ||
attributes 'Agent-Class': 'com.security.smithloader.SmithAgent' | ||
attributes 'Premain-Class': 'com.security.smithloader.SmithAgent' | ||
attributes 'Can-Retransform-Classes': 'true' | ||
attributes 'Boot-Class-Path': 'SmithAgent.jar' | ||
attributes 'Specification-Title': 'Smith Agent' | ||
attributes 'Specification-Version': '1.0' | ||
attributes 'Implementation-Title': 'Smith Agent' | ||
attributes 'Implementation-Version': "$System.env.BUILD_VERSION" | ||
} | ||
} | ||
|
||
shadowJar { | ||
relocate 'org.apache.commons', 'agent.org.apache.commons' | ||
relocate 'META-INF/native/libnetty', 'META-INF/native/librasp_netty' | ||
} |
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
distributionBase=GRADLE_USER_HOME | ||
distributionPath=wrapper/dists | ||
distributionUrl=https\://services.gradle.org/distributions/gradle-7.2-bin.zip | ||
zipStoreBase=GRADLE_USER_HOME | ||
zipStorePath=wrapper/dists |
Oops, something went wrong.