Skip to content

PCILeech on Linux

ufrisk edited this page Sep 11, 2019 · 6 revisions

PCILeech on Linux

This section is about running PCILeech on Linux. For more information about targeting Linux systems please check Target: Linux x64.

NB! Mount functionality including mounting file systems of target computers is Windows only feature at the moment. If you require the mount functionality please look into running PCILeech on Windows.

It is possible to run PCILeech on 64-bit Linux systems.

Please find a pre-compiled binary version of pcileech in the latest release in the PCILeech repo. Please note that PCILeech is dependent on the LeechCore library. The required leechcore.so is co-bundled in the binary release.


Required Drivers (FPGA / USB3380 Hardware):

When using FPGA or USB3380 hardware one must have libusb installed. Libusb is installed on most modern systems so this should not be a cause of concern. PCILeech should work out of the box on 64-bit Linux systems. If libusb is missing please install it by running (as root): apt-get install libusb-1.0-0.

Normally, PCILeech must be run as root when using FPGA / USB3380 hardware.


Building PCILeech:

To compile for Linux make sure the dependencies are met by running: apt-get install libusb-1.0-0-dev pkg-config.

Also ensure that the leechcore.so file exists within the pcileech/files directory. If it does not exist please first build LeechCore and copy the resulting leechcore.so file to the pcileech/files directory.

To build PCILeech move into the pcileech/pcileech directory and execute: make. The resulting binary pcileech will be placed alongside shellcode modules and configuration files in the pcileech/files directory after a successful build.

To build individual shellcode kernel modules and implants please individual instructions in each source file. Kernel modules and implants, even for Linux, are currently built on Windows, but should be possible to build on Linux as well with minimal modifications.

Clone this wiki locally