YouTube videos curated by Class Central.
Classroom Contents
Ret2dir - Deconstructing Kernel Isolation
- 1 Introduction
- 2 About me
- 3 Agenda
- 4 Kernel Vulnerabilities
- 5 Linux
- 6 Kernel Attack Model
- 7 Why do they work
- 8 Protections
- 9 Summary
- 10 Questions
- 11 Return to Direct Map Memory
- 12 Kernel Space Layout
- 13 Role of Kernel Space Layout
- 14 Properties of the Region
- 15 Threat Model
- 16 Address aliasing
- 17 Attack
- 18 Location of synonym
- 19 Problems
- 20 How
- 21 Second problem
- 22 How Linux manages physical memory
- 23 How Linux manages page frames
- 24 What if page frames are not available
- 25 Physmap spray
- 26 Physmap signatures
- 27 Vulnerability overview
- 28 Vulnerability data structure
- 29 Static kee
- 30 How to abuse it
- 31 How it works
- 32 What happens if this map is not executable
- 33 How this works
- 34 Demo
- 35 Exploit DB
- 36 Probability of success
- 37 Pagegas