Overview
Explore kernel patching techniques for securing and maintaining Linux-based IoT devices in this 46-minute conference talk from ShmooCon 2019. Learn about the challenges of securing inexpensive IoT devices running outdated Linux kernels on corporate networks and the limitations of existing live patching solutions. Discover a novel tool suite developed by the speakers for inspecting, compiling, and applying patches to vendor OEM Linux kernels without requiring complete source code or specific build chains. Gain insights into hooking functions, replacing functions, altering parameters, and modifying return values to patch vulnerabilities, instrument performance, and aid in reverse engineering efforts. Presented by security researchers Jewell Seay and Parker Wiksell from Battelle Memorial Institute, this talk offers practical solutions for network administrators and security professionals dealing with the proliferation of insecure IoT devices.
Syllabus
Patchwerk: Kernel Patching for Fun and Profit - Parker Wiksell & Jewell Seay
Taught by
0xdade