Explore novel vulnerabilities and exploitation techniques for bypassing Linux syscall tracing in this 38-minute Black Hat conference talk. Learn how user mode programs can reliably avoid system call tracing detections without special privileges or capabilities, even when seccomp, SELinux, and AppArmor are enforced. Presented by Rex Guo and Junyuan Zeng, this session delves into the intricacies of exploiting these vulnerabilities, providing valuable insights for security professionals and researchers interested in Linux system security.
Overview
Syllabus
Trace Me if You Can: Bypassing Linux Syscall Tracing
Taught by
Black Hat