Ret2dir - Deconstructing Kernel Isolation


Black Hat via YouTube


Classroom Contents


  1. Introduction
  2. About me
  3. Agenda
  4. Kernel Vulnerabilities
  5. Linux
  6. Kernel Attack Model
  7. Why do they work
  8. Protections
  9. Summary
  10. Questions
  11. Return to Direct Map Memory
  12. Kernel Space Layout
  13. Role of Kernel Space Layout
  14. Properties of the Region
  15. Threat Model
  16. Address aliasing
  17. Attack
  18. Location of synonym
  19. Problems
  20. How
  21. Second problem
  22. How Linux manages physical memory
  23. How Linux manages page frames
  24. What if page frames are not available
  25. Physmap spraying
  26. Physmap signatures
  27. Vulnerability overview
  28. Vulnerability data structure
  29. Static kee
  30. How to abuse it
  31. How it works
  32. What happens if this map is not executable
  33. How this works
  34. Demo
  35. Exploit DB
  36. Probability of success
  37. Pagegas
