Linux kernel exploit development
Inspired by on Linux kernel exploit development, this series follows the same pattern of exploit mitigations using and includes all of my code and examples.

Topics include:
* modprobe_path
* cred_struct overwriting
Protections TLDR:
KASLR - Randomises the kernel base address, so you need an address leak before any kernel symbol or ROP gadget address is usable
SMEP - Supervisor Mode Execution Prevention: code on userspace pages can't be executed while in kernel mode, so no jumping into shellcode you mapped yourself (kind of like DEP/NX for the kernel)
SMAP - Supervisor Mode Access Prevention: kernel mode can't read or write userspace pages, so fake structures and ROP chains can't live in userspace (stack pivots get harder)
KPTI - Kernel Page Table Isolation: kernel space and user space use separate page tables, so a ROP chain that returns to userland has to switch page tables back first (e.g. by going through the kernel's own return-to-user trampoline) or it faults
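Before picking a technique it helps to know which of the four protections the target is actually running with. The following recon tool is an added example, not code from the original page or the series it follows: it reads /proc/cpuinfo, /proc/cmdline, /proc/kallsyms and the meltdown sysfs file on an x86_64 Linux box and reports SMEP, SMAP, KPTI and KASLR status. The parsing is kept separate from the file reads so it can be run against captured text; the embedded cpuinfo excerpt is constructed sample data, and the unrandomised `_text` base of 0xffffffff81000000 is the usual x86_64 default (assumed, check it against your own kernel config).

```c
/* mitigation_recon.c - added example: which of KASLR/SMEP/SMAP/KPTI is the
 * target kernel running with?  Works unprivileged except for KASLR, which needs
 * readable addresses in /proc/kallsyms.  Build: cc -o recon mitigation_recon.c */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

enum { MIT_SMEP = 1, MIT_SMAP = 2 };

/* Assumed: x86_64 kernel text base when KASLR is off (default __START_KERNEL). */
#define DEFAULT_TEXT_BASE 0xffffffff81000000ULL

/* Constructed sample of /proc/cpuinfo from a CPU that supports SMEP and SMAP. */
static const char SAMPLE_CPUINFO[] =
    "processor\t: 0\n"
    "flags\t\t: fpu vme de pse tsc msr pae mce cx8 apic sep nx lm smep smap\n"
    "bugs\t\t: cpu_meltdown spectre_v1 spectre_v2\n";

/* Non-zero if `word` occurs in `text` as a whole whitespace-delimited token
 * (so "smap" does not match inside some longer flag name). */
static int has_token(const char *text, const char *word) {
    size_t n = strlen(word);
    for (const char *p = strstr(text, word); p; p = strstr(p + n, word)) {
        int starts = (p == text) || strchr(" \t\n", p[-1]) != NULL;
        int ends = p[n] == '\0' || strchr(" \t\n", p[n]) != NULL;
        if (starts && ends) return 1;
    }
    return 0;
}

/* SMEP/SMAP: the CPU advertises them as cpuinfo flags and the kernel enables
 * them at boot unless nosmep/nosmap was passed on the command line. */
unsigned cpu_mitigations(const char *cpuinfo, const char *cmdline) {
    unsigned m = 0;
    if (has_token(cpuinfo, "smep") && !has_token(cmdline, "nosmep")) m |= MIT_SMEP;
    if (has_token(cpuinfo, "smap") && !has_token(cmdline, "nosmap")) m |= MIT_SMAP;
    return m;
}

/* KPTI: /sys/devices/system/cpu/vulnerabilities/meltdown reads "Mitigation: PTI"
 * when page table isolation is active; nopti / pti=off turn it off. */
int kpti_enabled(const char *meltdown, const char *cmdline) {
    if (has_token(cmdline, "nopti") || has_token(cmdline, "pti=off")) return 0;
    return strstr(meltdown, "PTI") != NULL;
}

/* KASLR: compare _text with the unrandomised base.  Returns 1 or 0, or -1 when
 * the address is unreadable (kallsyms prints 0 for unprivileged readers under
 * kptr_restrict), so the caller knows it still needs a leak to find out. */
int kaslr_enabled(unsigned long long text_addr, const char *cmdline) {
    if (has_token(cmdline, "nokaslr")) return 0;
    if (text_addr == 0) return -1;
    return text_addr != DEFAULT_TEXT_BASE;
}

/* Read a whole (proc/sys) file into a NUL-terminated heap buffer; "" on failure. */
static char *slurp(const char *path) {
    char *buf = calloc(1, 1);
    size_t len = 0, cap = 1, n;
    char tmp[4096];
    FILE *f = fopen(path, "r");
    if (!f || !buf) return buf ? buf : calloc(1, 1);
    while ((n = fread(tmp, 1, sizeof tmp, f)) > 0) {
        if (len + n + 1 > cap) {
            cap = (len + n + 1) * 2;
            char *nb = realloc(buf, cap);
            if (!nb) break;
            buf = nb;
        }
        memcpy(buf + len, tmp, n);
        len += n;
        buf[len] = '\0';
    }
    fclose(f);
    return buf;
}

/* Address of the _text symbol from a kallsyms-format file, 0 if not readable. */
static unsigned long long kallsyms_text(const char *path) {
    FILE *f = fopen(path, "r");
    if (!f) return 0;
    char line[256], type, name[128];
    unsigned long long addr = 0, a;
    while (fgets(line, sizeof line, f))
        if (sscanf(line, "%llx %c %127s", &a, &type, name) == 3 && strcmp(name, "_text") == 0) {
            addr = a;
            break;
        }
    fclose(f);
    return addr;
}

int main(void) {
    char *cpuinfo = slurp("/proc/cpuinfo"), *cmdline = slurp("/proc/cmdline");
    char *meltdown = slurp("/sys/devices/system/cpu/vulnerabilities/meltdown");
    unsigned m = cpu_mitigations(cpuinfo, cmdline);
    int k = kaslr_enabled(kallsyms_text("/proc/kallsyms"), cmdline);
    printf("SMEP : %s\n", (m & MIT_SMEP) ? "on" : "off");
    printf("SMAP : %s\n", (m & MIT_SMAP) ? "on" : "off");
    printf("KPTI : %s\n", kpti_enabled(meltdown, cmdline) ? "on" : "off");
    printf("KASLR: %s\n", k < 0 ? "unknown (kallsyms not readable, need root)" : k ? "on" : "off");
    free(cpuinfo); free(cmdline); free(meltdown);
    return 0;
}
```

Run it on the target (or inside the challenge VM) before writing the exploit: a box with SMAP off lets you keep the ROP chain and fake structures in userspace, and one with KPTI off saves you the page-table switch on the way back to userland.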