Log in or Sign up

Beat SMEP on Linux with Return-Oriented Programming

Discussion in 'all things UNIX' started by Hungry Man, Nov 11, 2011.

Thread Status:: Not open for further replies.

Hungry Man Registered Member

Joined:

May 11, 2011

Posts:

9,146

http://falken.tuxfamily.org/?p=115

Introduction

In this post, I will show you how easy it is to use Return-Oriented Programming in the Linux kernel and how it can bypass protections such as SMEP, available in the next generation of Intel processor.
Click to expand...

Hungry Man, Nov 11, 2011

#1
Mrkvonic Linux Systems Expert

Joined:

May 9, 2005

Posts:

10,224

Ah, all based on the premise you know where to find that one buggy driver. Making device nodes takes root privileges, so that one step seems to have been taken for granted, but it is not. And the problem is not the exploit, if and when it works. In 99% of cases like this, you will crash the host with kernel oops/panic.

P.S. Nice to see people having some decent asm skills ...

Cheers,
Mrk

Mrkvonic, Nov 12, 2011

#2

Thread Status:: Not open for further replies.

This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.

Accept Learn More...