User contributions
Jump to navigation
Jump to search
- 22:42, 5 May 2016 diff hist +8 m Feature List
- 22:41, 5 May 2016 diff hist +137 Feature List
- 22:21, 4 May 2016 diff hist +37 Feature List
- 22:10, 4 May 2016 diff hist +43 Exploit Methods/Reused code chunks →Mitigations current
- 22:10, 4 May 2016 diff hist +64 Exploit Methods/Reused code chunks →Examples
- 21:45, 4 May 2016 diff hist +135 Kernel Self Protection Project →Work Areas: add link to feature list
- 21:43, 4 May 2016 diff hist +1,502 N Feature List initial dump of interesting features
- 22:34, 12 April 2016 diff hist +52 Exploit Methods/Reused code chunks →Examples
- 22:29, 12 April 2016 diff hist +70 Bug Classes/Format string injection →Examples current
- 18:10, 5 April 2016 diff hist +1 Exploit Methods/Userspace execution →Mitigations
- 18:10, 5 April 2016 diff hist +27 Exploit Methods/Userspace data usage →Mitigations
- 18:09, 5 April 2016 diff hist +26 Exploit Methods/Userspace execution →Mitigations
- 23:55, 4 April 2016 diff hist +33 Exploit Methods/Userspace execution →Details
- 23:54, 4 April 2016 diff hist +601 Exploit Methods/Userspace execution →Mitigations: add PXN table
- 21:47, 9 March 2016 diff hist +123 Bug Classes/Integer overflow →Examples current
- 21:02, 3 February 2016 diff hist +69 Bug Classes/Integer overflow →Examples: paste-o
- 20:24, 21 January 2016 diff hist +970 N Bug Classes/Use after free Created page with "= Details = When a memory allocation gets freed but there are still accidentally users of that memory, it is possible that an attacker could control the new memory allocation ..."
- 20:18, 21 January 2016 diff hist +48 Kernel Self Protection Project →Bug Classes
- 20:18, 21 January 2016 diff hist +83 Bug Classes/Integer overflow →Examples
- 20:06, 4 January 2016 diff hist +59 Bug Classes/Integer overflow →Examples
- 16:37, 13 December 2015 diff hist 0 Exploit Methods/Userspace data usage →Mitigations
- 19:37, 10 December 2015 diff hist +43 Exploit Methods/Userspace data usage →Mitigations
- 19:21, 10 December 2015 diff hist +24 Exploit Methods/Userspace data usage →Mitigations
- 19:20, 10 December 2015 diff hist +2 m Exploit Methods/Userspace data usage →Details
- 19:20, 10 December 2015 diff hist +202 Exploit Methods/Userspace data usage →Details
- 19:18, 10 December 2015 diff hist +7 Exploit Methods/Userspace data usage →Mitigations
- 19:15, 10 December 2015 diff hist +59 Exploit Methods/Userspace data usage →Mitigations
- 18:45, 10 December 2015 diff hist +26 Exploit Methods/Userspace data usage →Mitigations
- 18:45, 10 December 2015 diff hist +2 Exploit Methods/Userspace data usage →Mitigations
- 18:38, 10 December 2015 diff hist +640 Exploit Methods/Userspace data usage
- 18:22, 10 December 2015 diff hist +140 Exploit Methods/Userspace execution
- 22:02, 18 November 2015 diff hist +47 Exploit Methods/Text overwrite →Examples current
- 21:49, 17 November 2015 diff hist +544 Kernel Self Protection Project principles
- 21:40, 17 November 2015 diff hist +129 Exploit Methods/Userspace data usage →Examples
- 01:50, 5 November 2015 diff hist +147 Bug Classes/Kernel pointer leak →Details current
- 23:25, 4 November 2015 diff hist +557 N Exploit Methods/Reused code chunks Created page with "= Details = This is more generally knows as Return Oriented Programming (ROP) or Jump Oriented Programming (JOP), but ultimately boils down to using the kernel's own executabl..."
- 23:20, 4 November 2015 diff hist +689 N Exploit Methods/Userspace data usage Created page with "= Details = Sometimes an attacker won't be able to control the instruction pointer directly, but they will be able to redirect the dereference a structure or other pointer. In..."
- 23:15, 4 November 2015 diff hist +626 N Exploit Methods/Userspace execution Created page with "= Details = Once an attacker has gain control over the instruction pointers, it must be aimed somewhere. The place where attackers have the most control over memory layout ten..."
- 23:10, 4 November 2015 diff hist +702 N Exploit Methods/Function pointer overwrite Created page with "= Details = When an attacker has a write primitive, they can start function pointers to redirect execution. Function pointers exist in a large number of places in the kernel r..."
- 23:00, 4 November 2015 diff hist +376 N Exploit Methods/Text overwrite Created page with "= Details = If an attacker has a write primitive and knows where the kernel is located in memory, they could overwrite functions to do whatever they wanted. Protecting against..."
- 22:55, 4 November 2015 diff hist +2 Exploit Methods/Kernel location →Details current
- 22:54, 4 November 2015 diff hist −2 m Exploit Methods/Kernel location →Mitigations
- 22:54, 4 November 2015 diff hist +876 N Exploit Methods/Kernel location Created page with "= Details = Finding the kernel location can be an important first step for exploitation. Without it, for example, it's harder to make kernel function calls for privilege escal..."
- 22:46, 4 November 2015 diff hist +96 Active Projects →ASLR for kernel code current
- 22:44, 4 November 2015 diff hist +641 N Bug Classes/Uninitialized variables Created page with "= Details = When variables (on either stack or heap) are used without being explicitly initialized, behavior is "undefined". In reality, "uninitialized" just means "still has ..." current
- 22:35, 4 November 2015 diff hist +5 m Kernel Self Protection Project →Mission Statement
- 22:34, 4 November 2015 diff hist +890 N Bug Classes/Kernel pointer leak Created page with "= Details = When a kernel memory address (any of text, stack, heap, etc) leaks into userspace, attackers can learn potentially sensitive information about data layout, kernel ..."
- 22:17, 4 November 2015 diff hist +613 N Bug Classes/Format string injection Created page with "= Details = When an attacker supplied string is accidentally passed to format string parsing, the attacker can manipulate the resulting output. The write primitive available ..."
- 22:11, 4 November 2015 diff hist +506 N Bug Classes/Heap overflow Created page with "= Details = Heap overflows tend to occur due to integer overflows or otherwise broken bounds checking. Exploits overwrite adjacent heap memory, or manipulate the heap metadata..." current
- 22:02, 4 November 2015 diff hist +799 N Bug Classes/Integer overflow Created page with "= Details = Integer overflows (or underflows) occur when a multiplication happens that exceeds the size that can be represented by the datatype, generally wrapping around. Th..."