Skip to content
/ tinycc-rott Public

An implmentation of the "Reflections on Trusting Trust" attack on TinyCC

bellard.org/tcc/

License

LGPL-2.1 license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

ammrat13/tinycc-rott

2 Branches10 Tags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

ammrat13ammrat13
Dynamically compute quine buffer size
Jan 14, 2024
409913f · Jan 14, 2024

History

3,436 Commits
.github/workflows
.github/workflows
Jan 13, 2024
examples
examples
Feb 25, 2017
include
include
Oct 29, 2023
lib
lib
Nov 8, 2023
tests
tests
Jan 6, 2024
tests_rott
tests_rott
Jan 13, 2024
win32
win32
Sep 6, 2023
.gitignore
.gitignore
Jan 12, 2024
COPYING
COPYING
May 24, 2003
Changelog
Changelog
Sep 6, 2023
CodingStyle
CodingStyle
Jan 6, 2016
Makefile
Makefile
Jan 12, 2024
README.md
README.md
Jan 13, 2024
RELICENSING
RELICENSING
Oct 31, 2023
TODO
TODO
Sep 6, 2023
USES
USES
Sep 6, 2023
VERSION
VERSION
Sep 6, 2023
arm-asm.c
arm-asm.c
May 9, 2022
arm-gen.c
arm-gen.c
Jul 24, 2022
arm-link.c
arm-link.c
Apr 25, 2023
arm-tok.h
arm-tok.h
Feb 13, 2021
arm64-asm.c
arm64-asm.c
Oct 22, 2021
arm64-gen.c
arm64-gen.c
Oct 29, 2023
arm64-link.c
arm64-link.c
Apr 25, 2023
c67-gen.c
c67-gen.c
Oct 22, 2021
c67-link.c
c67-link.c
Apr 25, 2023
coff.h
coff.h
May 8, 2017
configure
configure
Nov 27, 2023
conftest.c
conftest.c
Sep 6, 2023
dwarf.h
dwarf.h
May 5, 2022
elf.h
elf.h
Jul 24, 2022
i386-asm.c
i386-asm.c
Aug 16, 2022
i386-asm.h
i386-asm.h
Dec 13, 2022
i386-gen.c
i386-gen.c
Jul 31, 2023
i386-link.c
i386-link.c
Apr 25, 2023
i386-tok.h
i386-tok.h
Dec 13, 2022
il-gen.c
il-gen.c
May 8, 2017
il-opcodes.h
il-opcodes.h
Jul 29, 2015
libtcc.c
libtcc.c
Nov 8, 2023
libtcc.h
libtcc.h
Apr 25, 2023
riscv64-asm.c
riscv64-asm.c
Dec 16, 2023
riscv64-gen.c
riscv64-gen.c
Apr 8, 2023
riscv64-link.c
riscv64-link.c
Jan 7, 2024
riscv64-tok.h
riscv64-tok.h
Dec 12, 2023
stab.def
stab.def
Jul 29, 2015
stab.h
stab.h
Jul 29, 2015
tcc-doc.texi
tcc-doc.texi
Sep 6, 2023
tcc.c
tcc.c
Sep 6, 2023
tcc.h
tcc.h
Oct 29, 2023
tccasm.c
tccasm.c
Apr 25, 2023
tcccoff.c
tcccoff.c
Apr 25, 2023
tccdbg.c
tccdbg.c
Sep 6, 2023
tccelf.c
tccelf.c
Dec 8, 2023
tccgen.c
tccgen.c
Jan 8, 2024
tcclib.h
tcclib.h
Jul 29, 2015
tccmacho.c
tccmacho.c
Nov 8, 2023
tccpe.c
tccpe.c
Sep 6, 2023
tccpp.c
tccpp.c
Jan 12, 2024
tccpp_rott-gen.py
tccpp_rott-gen.py
Jan 14, 2024
tccpp_rott-pre.inc
tccpp_rott-pre.inc
Jan 14, 2024
tccrun.c
tccrun.c
Sep 6, 2023
tcctok.h
tcctok.h
Mar 10, 2023
tcctools.c
tcctools.c
Nov 27, 2023
texi2pod.pl
texi2pod.pl
Jul 29, 2015
x86_64-asm.h
x86_64-asm.h
Dec 13, 2022
x86_64-gen.c
x86_64-gen.c
Sep 6, 2023
x86_64-link.c
x86_64-link.c
Apr 25, 2023

Repository files navigation

"Reflections on Trusting Trust" in TinyCC

This repository implements the Reflections on Trusting Trust (RoTT) attack in TinyCC. It has two trojans that it can inject into other programs, namely:

  • It will cause the login.c file in the tests_rott directory to unconditionally allow a user identifying as "ken" to login.
  • It will cause the su toy in (my fork of) Toybox to unconditionally succeed when using the password "ken".

Furthermore, this fork of TinyCC can be used to compile a "clean" copy of TinyCC (commit 6120656), and it will propagate the two trojans to the newly built compiler.

The source for the trojans is in tccpp_rott-pre.inc, which is processed by tccpp_rott-gen.py to be included in tccpp.c. The trojans match based on a trigger string expected to be in the file, along with the name of the file itself. Note that filenames are matched based on their entire path given on the command line. So, for example, compiling login.c could potentially cause its trojan to activate, but compiling ./login.c won't.

About

An implmentation of the "Reflections on Trusting Trust" attack on TinyCC

bellard.org/tcc/

Resources

Readme

License

LGPL-2.1 license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Languages