24C3 - 1.01
24th Chaos Communication Congress
Volldampf voraus!
Speakers | |
---|---|
sgrakkyu | |
twiz |
Schedule | |
---|---|
Day | Day 3 (2007-12-29) |
Room | Saal 3 |
Start time | 17:15 |
Duration | 01:00 |
Info | |
ID | 2353 |
Event type | lecture |
Track | Hacking |
Language | en |
Feedback | |
---|---|
Did you attend this event? Give Feedback |
From Ring Zero to UID Zero
A couple of stories about kernel exploiting
The process of exploiting kernel based vulnerabilities is one of the topics which have received more attention (and kindled more interest) among security researchers, coders and addicted.
Due to the intrinsic complexity of the kernel, each exploit has been mostly a story on itself, and very little work has been done into finding a general modelization and presenting general exploiting approaches for at least some common categories of bugs. Moreover, the main target has usually been the Linux operating system on the x86 architecture.
This talk reprises and continues the attempt done in this direction with the Phrack64 paper “Attacking the Core: Kernel Explotation Notes” that we released six months ago. A more in-depth discussion of some Solaris kernel issue (both on x86 and SPARC) and a more detailed analysis of Race Conditions will be presented.