Attacking the Core : Kernel Exploiting Notes
Recent years have seen an increasing interest in kernel-based
exploitation. The growing diffusion of "security prevention" approaches
(no-exec stack, no-exec heap, ascii-armored library mmapping, mmap/stack
and generally virtual layout randomization, just to point out the best
known) has made, and is making, userland exploitation harder and harder.
Moreover, there has been extensive auditing of application code,
so that new bugs are generally more complex to handle and exploit.

Attention has thus turned towards the core of the operating system,
towards kernel (in)security. This paper will attempt to give an insight
into kernel exploitation, with examples for IA-32, UltraSPARC and AMD64.
Linux and Solaris will be the target operating systems. More precisely, one
architecture in turn will be the main one covered for each of the three main
exploiting demonstration categories: slab (IA-32), stack (UltraSPARC) and
race condition (AMD64). The details explained in those 'deep focus' sections
apply, though, almost in toto to all the other exploiting scenarios.

Since exploitation examples are surely interesting but usually do not show
the "effective" complexity of taking advantage of vulnerabilities, a
couple of working real-life exploits will be presented too.
exploit  linux  kernel  tutorials 
february 2017