How SUDO on Linux was HACKED! // CVE-2021-3156
The most comprehensive video covering the sudo vulnerability CVE-2021-3156 Baron Samedit. I spent two weeks on rediscovering, analysing and exploitation of the sudoedit heap overflow. We will talk about fuzzing, code review, exploit strategies, heap feng shui and developing the exploit.
https://liveoverflow.com/support
Article: https://liveoverflow.com/critical-sudo-vulnerability-walkthrough-cve-2021-3156/
Binary Exploitation Playlist: https://www.youtube.com/playlist?list=PLhixgUqwRTjxglIswKp9mpkfPNfHkzyeN
PwnFunction's Binary Exploitation Playlist: https://www.youtube.com/playlist?list=PLI_rLWXMqpSkAYfar0HRA7lykydwmRY_2
Full CVE-2021-3156 Advisory: https://packetstormsecurity.com/files/161160/Sudo-Heap-Based-Buffer-Overflow.html
Qualys Blog: https://blog.qualys.com/vulnerabilities-research/2021/01/26/cve-2021-3156-heap-based-buffer-overflow-in-sudo-baron-samedit
milek7's blog on fuzzing sudo: https://milek7.pl/howlongsudofuzz/
00:00 - Intro and Motivation
01:33 - afl: Fuzzing argv[]
03:22 - afl: sudo vs. sudoedit
04:27 - afl: Fuzzing setuid Process
06:49 - Fuzzing Conclusion
07:11 - Code Review: Identify Risky Code Through Isolation
09:39 - Code Review: Bypass Safe Conditions
11:15 - Exploit Strategy: Modern Mitigations
12:25 - The service_user Object Overwrite Technique
13:48 - Heap Feng Shui via Environment Variables
14:57 - Bruteforce Script to Find Exploitable Conditions
15:39 - Find and Analyse Useful Crashes
16:31 - Exploitability Analysis Conclusion
17:13 - Qualys Researchers Knew nss From Stack Clash
17:47 - Sudoedit Exploitable on macOs?
18:32 - Research Conclusion
19:27 - Outro
-=[ ❤️ Support ]=-
→ per Video: https://www.patreon.com/join/liveoverflow
→ per Month: https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join
-=[ 🐕 Social ]=-
→ Twitter: https://twitter.com/LiveOverflow/
→ Website: https://liveoverflow.com/
→ Subreddit: https://www.reddit.com/r/LiveOverflow/
→ Facebook: https://www.facebook.com/LiveOverflow/
Видео How SUDO on Linux was HACKED! // CVE-2021-3156 канала LiveOverflow
https://liveoverflow.com/support
Article: https://liveoverflow.com/critical-sudo-vulnerability-walkthrough-cve-2021-3156/
Binary Exploitation Playlist: https://www.youtube.com/playlist?list=PLhixgUqwRTjxglIswKp9mpkfPNfHkzyeN
PwnFunction's Binary Exploitation Playlist: https://www.youtube.com/playlist?list=PLI_rLWXMqpSkAYfar0HRA7lykydwmRY_2
Full CVE-2021-3156 Advisory: https://packetstormsecurity.com/files/161160/Sudo-Heap-Based-Buffer-Overflow.html
Qualys Blog: https://blog.qualys.com/vulnerabilities-research/2021/01/26/cve-2021-3156-heap-based-buffer-overflow-in-sudo-baron-samedit
milek7's blog on fuzzing sudo: https://milek7.pl/howlongsudofuzz/
00:00 - Intro and Motivation
01:33 - afl: Fuzzing argv[]
03:22 - afl: sudo vs. sudoedit
04:27 - afl: Fuzzing setuid Process
06:49 - Fuzzing Conclusion
07:11 - Code Review: Identify Risky Code Through Isolation
09:39 - Code Review: Bypass Safe Conditions
11:15 - Exploit Strategy: Modern Mitigations
12:25 - The service_user Object Overwrite Technique
13:48 - Heap Feng Shui via Environment Variables
14:57 - Bruteforce Script to Find Exploitable Conditions
15:39 - Find and Analyse Useful Crashes
16:31 - Exploitability Analysis Conclusion
17:13 - Qualys Researchers Knew nss From Stack Clash
17:47 - Sudoedit Exploitable on macOs?
18:32 - Research Conclusion
19:27 - Outro
-=[ ❤️ Support ]=-
→ per Video: https://www.patreon.com/join/liveoverflow
→ per Month: https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join
-=[ 🐕 Social ]=-
→ Twitter: https://twitter.com/LiveOverflow/
→ Website: https://liveoverflow.com/
→ Subreddit: https://www.reddit.com/r/LiveOverflow/
→ Facebook: https://www.facebook.com/LiveOverflow/
Видео How SUDO on Linux was HACKED! // CVE-2021-3156 канала LiveOverflow
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
Hacking into Google's Network for $133,337
I Made A Water Computer And It Actually Works
How Singapore Uses Science to Stay Cool
I Hacked Into My Own Car
How Do Linux Kernel Drivers Work? - Learning Resource
What is a File Format?
Protect Linux Server From Hackers
Using My Python Skills To Punish Credit Card Scammers
Analysing a Firefox Malware browserassist.dll - FLARE-On 2018
Nintendo Switch (NVIDIA Tegra X1) - BootROM Vulnerability
Minetest Circuit Challenge - Google CTF 2019 Qualifier
Format String Exploit Troubleshooting Over Twitter - bin 0x11 b
Solving Nintendo HireMe!!! with "Basic" Math
Hacking Competition in Zhengzhou China - Real World CTF Finals 2018
Coding Adventure: Ant and Slime Simulations
IT Security Career Advice
Why MissingNo Multiplies Items!
Researching MissingNo Glitch in Pokemon
Does Hacking Require Programming Skills?
let's hack your home network // FREE CCNA // EP 9