1070
Attacking the Core : Kernel Exploiting Notes
The latest years have seen an increasing interest towards kernel based
explotation. The growing diffusion of "security prevention" approaches
(no-exec stack, no-exec heap, ascii-armored library mmapping, mmap/stack
and generally virtual layout randomization, just to point out the most
known) has/is made/making userland explotation harder and harder.
Moreover there has been an extensive work of auditing on application codes,
so that new bugs are generally more complex to handle and exploit.

The attentions has so turned towards the core of the operating systems,
towards kernel (in)security. This paper will attempt to give an insight
into kernel explotation, with examples for IA-32, UltraSPARC and AMD64.
Linux and Solaris will be the target operating systems. More precisely, an
architecture on turn will be the main covered for the three main
exploiting demonstration categories : slab (IA-32), stack (UltraSPARC) and
race condtion (AMD64). The details explained in those 'deep focus' apply,
thou, almost in toto to all the others exploiting scenarios.

Since explotation examples are surely interesting but usually do not show
the "effective" complexity of taking advantages of vulnerabilities, a
couple of working real-life exploits will be presented too.
exploit  linux  kernel  tutorials 
7 weeks ago
« earlier      
amazon analysis android api apple appsec arm art aslr asm assembly automation aws baby backup binary bookmarks bruteforce burp c challenges cheatsheet chrome citrix cli clickjacking cloud code codereview conference cooking cracking crackmes crypto cryptography csrf css ctf debug debugger debugging decompiler defcon design dev development devops dfir dns domains domxss dropbox dtrace ebooks ec2 education email embedded encryption erlang exercise exploit exploitation exploits facebook firewall fitness flash fonts food forensics frida funny furniture fuzzing games gaming gdb gifs gifts git golang gpg gtd guides hacking hackintosh ham hardware hardwarehacking hearthstone history hosting house html5 http ida idapro infosec inspiration ios iphone jabber jailbreak java javascript json kernel kindle kiosk lab learning linux lion lockpicking mac mainframe mallory malware memory metasploit minecraft mitm mobile mobileappsec mobilesec mobility music netsec network networking node noise objectivec online osx paleo parenting password passwords pc pdf pentest pentesting phishing photography piano poc pokemon presentation privacy programming proxy python radio rails raspberrypi rce re recipe recipes reddit redteam reference regex registration research reverse reverseengineering reversing roku root rop router rtlsdr ruby sast scanner screencast sdr search security server setup shell shellcode sourcecode spam sql sqli ssh ssl staticanalysis storage stretching stripectf sublime sudo sysadmin testing theos tool tools training tutorial tutorials tv tweak twitter ubuntu unix video vm vmware vps wallpaper web webapp webappsec webdesign webdev webservice websockets wifi windows windows8 wireless wordlist workout wp7 writeup xcode xml xoom xss xxe znc

Copy this bookmark:



description:


tags: