24C3 - 1.01

24th Chaos Communication Congress
Volldampf voraus!

Day Day 3 (2007-12-29)
Room Saal 3
Start time 17:15
Duration 01:00
ID 2353
Event type lecture
Track Hacking
Language en

From Ring Zero to UID Zero

A couple of stories about kernel exploiting

The process of exploiting kernel based vulnerabilities is one of the topics which have received more attention (and kindled more interest) among security researchers, coders and addicted.

Due to the intrinsic complexity of the kernel, each exploit has been mostly a story on itself, and very little work has been done into finding a general modelization and presenting general exploiting approaches for at least some common categories of bugs. Moreover, the main target has usually been the Linux operating system on the x86 architecture.

This talk reprises and continues the attempt done in this direction with the Phrack64 paper “Attacking the Core: Kernel Explotation Notes” that we released six months ago. A more in-depth discussion of some Solaris kernel issue (both on x86 and SPARC) and a more detailed analysis of Race Conditions will be presented.