Guide to Linux kernel exploitation (Ivor Canjuga)
| May 15th, 2023Level: Advanced Subject Matter
Abstract:
This talk will provide an introduction to the Linux kernel, the core component of an operating system, and its attack surface. The speaker will discuss the differences between userspace and kernel-space and the security implications of each. He will explain how attackers can exploit kernel vulnerabilities for privilege escalation and other malicious goals. The talk will cover the environment setup for kernel debugging, various types of kernel bugs and their impact, and different mitigations and bypasses that can be used to protect against kernel exploits. A ret2user exploit will be demonstrated, and the talk will conclude with a discussion of fuzzing the kernel and reporting bugs. Overall, this talk will provide a comprehensive overview of Linux kernel security.
Bio:
Ivor Canjuga is an undergraduate student at the Faculty of Electrical Engineering and Computer Science at the University of Maribor. He enjoys creating challenges for CTFs, particularly hard ones, and has experience in penetration testing and bug bounty programs. Ivor’s passion lies in binary exploitation, where he applies his skills to uncover vulnerabilities and exploits.
Video/recordings: