Reading Kernel Source Code - Analysis of an Exploit
Last video we looked at a kernel exploit against SerenityOS Kernel. This video we dig deep into the sources to find out why the vulnerability exists. After that we even attempt to find our own exploit.
Part 1 - The Kernel Exploit: https://www.youtube.com/watch?v=qUh507Na9nk
00:00 - Intro
00:27 - Part 1 - Linux vs. Serenity
01:17 - Finding ptrace() in Linux
01:31 - Finding ptrace() in Serenity
02:12 - Comparing Linux and Serenity ptrace() Code
04:07 - Architecture Specific Code in Linux
04:45 - Continue Comparing Linux vs. Serenity ptrace() Code
05:08 - Conclusion of Part 1
05:57 - Part 2 - hxp wisdom2 Exploit Analysis
06:44 - Reading ptrace() again
07:26 - Reading execve() code
08:46 - The Critical execve() code
09:30 - Do You Notice The Vulnerability?
10:17 - Race Condition Exploit Strategy
11:48 - Part 3 - Doing Own Research
13:15 - Doing an Experiment
15:44 - Kernel Changes for Experiment
16:00 - Failed Experiment
16:26 - Asking Andreas Kling About Scheduler Code
17:45 - Conclusion - Read More Code
18:38 - Outro
-=[ ❤️ Support ]=-
→ per Video: https://www.patreon.com/join/liveoverflow
→ per Month: https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join
-=[ 🐕 Social ]=-
→ Twitter: https://twitter.com/LiveOverflow/
→ Instagram: https://instagram.com/LiveOverflow/
→ Website: https://liveoverflow.com/
→ Subreddit: https://www.reddit.com/r/LiveOverflow/
→ Facebook: https://www.facebook.com/LiveOverflow/
Видео Reading Kernel Source Code - Analysis of an Exploit канала LiveOverflow
Part 1 - The Kernel Exploit: https://www.youtube.com/watch?v=qUh507Na9nk
00:00 - Intro
00:27 - Part 1 - Linux vs. Serenity
01:17 - Finding ptrace() in Linux
01:31 - Finding ptrace() in Serenity
02:12 - Comparing Linux and Serenity ptrace() Code
04:07 - Architecture Specific Code in Linux
04:45 - Continue Comparing Linux vs. Serenity ptrace() Code
05:08 - Conclusion of Part 1
05:57 - Part 2 - hxp wisdom2 Exploit Analysis
06:44 - Reading ptrace() again
07:26 - Reading execve() code
08:46 - The Critical execve() code
09:30 - Do You Notice The Vulnerability?
10:17 - Race Condition Exploit Strategy
11:48 - Part 3 - Doing Own Research
13:15 - Doing an Experiment
15:44 - Kernel Changes for Experiment
16:00 - Failed Experiment
16:26 - Asking Andreas Kling About Scheduler Code
17:45 - Conclusion - Read More Code
18:38 - Outro
-=[ ❤️ Support ]=-
→ per Video: https://www.patreon.com/join/liveoverflow
→ per Month: https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join
-=[ 🐕 Social ]=-
→ Twitter: https://twitter.com/LiveOverflow/
→ Instagram: https://instagram.com/LiveOverflow/
→ Website: https://liveoverflow.com/
→ Subreddit: https://www.reddit.com/r/LiveOverflow/
→ Facebook: https://www.facebook.com/LiveOverflow/
Видео Reading Kernel Source Code - Analysis of an Exploit канала LiveOverflow
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
Kernel Root Exploit via a ptrace() and execve() Race Condition
What is a File Format?
Hacking Competition in Zhengzhou China - Real World CTF Finals 2018
Minetest Circuit Challenge - Google CTF 2019 Qualifier
Pocket Computers from the 1980s
Emulating a CPU in C++ (6502)
Google CTF Finals 2019!
Script Gadgets! Google Docs XSS Vulnerability Walkthrough
Google Paid Me to Talk About a Security Issue!
Why MissingNo Multiplies Items!
Browser haxx0ring: Let's write an exploit for an integer overflow in JavaScript typed arrays
Let’s play a game: what is the deadly bug here?![Intel - From Inventors of the CPU to Laughing Stock [Part 1]](https://i.ytimg.com/vi/JH2nXMv6yZI/default.jpg)
Intel - From Inventors of the CPU to Laughing Stock [Part 1]
Nintendo Switch (NVIDIA Tegra X1) - BootROM Vulnerability
Analysing a Firefox Malware browserassist.dll - FLARE-On 2018
Magnetic Marble Picker
Threat Models - Hardware Wallet Research #1
Nintendo Hire me!!!!!!!!
Failed DOM Clobbering Research - All The Little Things 1/2 (web) Google CTF 2020