Translucent Kernel Memory Access from Usermode
themalwareman.com/Translucen…
#windows_internls , #kernel_mode , #user_mode
DirtyCred (CVE-2022-3910) for container escape
Credits @starlabs_sg
starlabs.sg/blog/2023/07-a-n…
#Linux ,#kernel , #CVE_analysis
exploiting a use-after-free in Linux kernel 5.15 (Ubuntu 22.04) (CVE-2022-32250)
credit: @saidelike
research.nccgroup.com/2022/0…
#linux , #kernel , #analysis , #exploitation
__
@islemolecule_source
Three parts series on debugging Linux kernel (gdb, kgdb, kgdboc and crash)
Part 1: blogs.oracle.com/linux/post/…
Part 2: blogs.oracle.com/linux/post/…
Part 3: blogs.oracle.com/linux/post/…
#linux , #kernel , #debug
Forwarded from APT
Explore the Windows Kernel with HEVD, a vulnerable driver. Dive into stack overflow exploits and bypass SMEP/KPTI protections using the sysret approach.
A detailed guide to Windows kernel exploitation:
— Part 0: Where do I start?
— Part 1: Will this driver ever crash?
— Part 2: Is there a way to bypass kASLR, SMEP and KVA Shadow?
— Part 3: Can we rop our way into triggering our shellcode?
— Part 4: How do we write a shellcode to elevate privileges and gracefully return to userland?
#windows #kernel #driver #hevd #hacksys
Forwarded from Infosec Fortress
The Kernel Hacker's Guide to the Galaxy
Automating Exploit Engineering Workflows
H2HC 2024
#binary
#kernel
#exploitation
———
🆔 @Infosec_Fortress
Forwarded from Infosec Fortress (Amir M. Jahangirzad)
projectzero.google
From Chrome renderer code exec to kernel with MSG_OOB - Project Zero
Introduction: In early June, I was reviewing a new Linux kernel feature when I learned about the MSG_OOB feature supported by stream-oriented UNIX domain socke...
From Chrome renderer code exec to kernel with MSG_OOB
🔗 Link
#browser
#exploitation
#kernel
#linux
———
🆔 @Infosec_Fortress
Forwarded from r3v notes
#win #kernel #vmp #deobfuscation
The Autopsy Will Tell: Analyzing a Windows x64 Driver Protected by VMProtect
https://habr.com/ru/companies/F6/articles/564738/
Habr
The Autopsy Will Tell: Analyzing a Windows x64 Driver Protected by VMProtect
Analyzing malware that protects itself from analysis always means additional difficulties for a virus analyst. A program may be obfuscated to avoid detection by signature-based and...