- Using msg_msg objects for arbitrary read and arbitrary write in the Linux kernel
- Linux kernel exploitation technique: Overwriting modprobe_path
- Learning Linux kernel exploitation 1-3
- Exploiting Kernel Races Through Taming Thread Interleaving
- Exploiting Kernel Races through Taming Thread Interleaving - Video
- Locating the kernel PGD on Android/aarch64
- A Systematic Study of Elastic Objects in Kernel Exploitation
- Bypassing Many Kernel Protections Using Elastic Objects
- Exploiting Uses of Uninitialized Stack Variables in Linux Kernels to Leak Kernel Pointers - PPT
- Exploiting Uses of Uninitialized Stack Variables in Linux Kernels to Leak Kernel Pointers - PDF
- Exploiting Uses of Uninitialized Stack Variables in Linux Kernels to Leak Kernel Pointers - Video
- Linux Kernel Stack Smashing
- A collection of structs usable in kernel exploits
- Hands Off and Putting SLAB/SLUB Feng Shui in Blackbox
- Linux kernel pwn notes (kernel exploitation study)
- CATTmew: Defeating Software-only Physical Kernel Isolation
- Mirror Mirror: Rooting Android 8 with a Kernel Space Mirroring Attack
- Entering God Mode — The Kernel Space Mirroring Attack
- Linux-Kernel-Exploit Stack Smashing
- FUZE: Towards Facilitating Exploit Generation for Kernel Use-After-Free Vulnerabilities
- Leak kernel pointer by exploiting uninitialized uses in Linux kernel
- Kepler: Facilitating Control-flow Hijacking Primitive Evaluation for Linux Kernel Vulnerabilities
- USENIX Security '19 - KEPLER: Facilitating Control-flow Hijacking Primitive Evaluation for Linux
- Exploiting Race Conditions Using the Scheduler - Jann Horn, Google
- DEF CON 24 - Ulf Frisk - Direct Memory Attack the Kernel
- Using userfaultfd
- Breaking KASLR with perf
- Unleashing Use-Before-Initialization Vulnerabilities in the Linux Kernel Using Targeted Stack Spraying
- New Reliable Android Kernel Root Exploitation Techniques
- Linux kernel addr_limit bug / exploitation
- Kernel Driver mmap Handler Exploitation
- Escalating Privileges in Linux using Voltage Fault Injection
- Using the timer_list struct in Linux kernel exploitation
- Stackjacking Your Way to grsec/PaX Bypass
- Stackjacking
- The stack is back
- The Linux kernel memory allocators from an exploitation perspective
- Attacking hardened Linux systems with kernel JIT spraying
- Exploiting Linux Kernel Heap Corruptions (SLUB Allocator)
- Black Hat USA 2013 - Hacking like in the Movies: Visualizing Page Tables for Local Exploitation
- From Collision To Exploitation: Unleashing Use-After-Free Vulnerabilities in Linux Kernel
- Kernel Data Attack is a Realistic Security Threat
- Randomization can’t stop BPF JIT spray
- The story of exploiting kmalloc() overflow
- Linux 2.6 Kernel Exploits
- The story of exploiting kmalloc() overflows v.0.2.1
- Attacking the Core: Kernel Exploiting Notes
- Exploiting Stack Overflows in the Linux Kernel
- An Analysis of Linux Kernel Heap Hardening
- Weaknesses in Linux Kernel Heap Hardening
- TagBleed: Breaking KASLR on the Isolated Kernel Address Space using Tagged TLBs
- SELinux RKP misconfiguration on Samsung S20 devices
- CCS 2016 - Prefetch Side-Channel Attacks: Bypassing SMAP and Kernel ASLR
- Micro architecture attacks on KASLR
- Linux Kernel x86-64 bypass SMEP - KASLR - kptr_restrict
- Lifting the (Hyper) Visor: Bypassing Samsung’s Real-Time Kernel Protection
- KNOX Kernel Mitigation Bypasses
- PAN
- Bypassing Linux' NULL pointer dereference exploit prevention (mmap_min_addr)
- SMEP: What is It, and How to Beat It on Linux
- ret2dir: Deconstructing Kernel Isolation
- Effectively bypassing kptr_restrict on Android
- CVE-2018-3639/CVE-2019-7308: Analysis of Spectre attacks against the Linux kernel eBPF subsystem
- PLATYPUS: Software-based Power Side-Channel Attacks on x86
- VDSO As A Potential KASLR Oracle
- Spectre exploits in the "wild"
- Linux Kernel /proc/pid/syscall information disclosure vulnerability
- SSD Advisory – Samsung S10+/S9 kernel 4.14 (Android 10) Kernel Function Address (.text) and Heap Address Information Leak
- Linux Kernel getname() Stack Memory Disclosures
- Linux Kernel x86-64 Register Leak
- Linux Kernel pktcdvd Memory Disclosure
- Exploiting a Linux Kernel Infoleak to bypass Linux kASLR
- The Infoleak that (Mostly) Wasn't
- Linux kernel 2.6.0 to 4.12-rc4 infoleak due to a data race in ALSA timer
- Linux kernel: CVE-2017-18344: arbitrary-read vulnerability in the timer subsystem
ckexploits / pwnlinux
A curated collection of Linux kernel exploitation resources
License: MIT License