W^X policy violation affecting all Windows drivers compiled in Visual Studio 2013 and previous

Back in June, I was doing some analysis on a Windows driver and discovered that the INIT section had the read, write, and executable characteristics flags set. Windows executables (drivers included) use these flags to tell the kernel what memory protection flags should be applied to that section’s pages once the contents are mapped into… Read More W^X policy violation affecting all Windows drivers compiled in Visual Studio 2013 and previous

September 3, 2015September 4, 2015 Graham SutherlandLeave a comment

Steam Code Execution – Privilege Escalation to SYSTEM (Part 2)

In my previous post I talked about a vulnerability in Steam which allows you to bypass UAC. I’m going to be totally transparent here: I fucked up. I wrote the draft post a few days back, then did some more work on the vulnerability. I discovered something much more serious in the process. I posted… Read More Steam Code Execution – Privilege Escalation to SYSTEM (Part 2)

October 11, 2013October 11, 2013 Graham SutherlandLeave a comment

Linux local kernel privilege escalation to root

A new vulnerability (CVE-2012-0056) that affects almost 650 different builds of the Linux kernel builds allows effortless privilege escalation to root. It works by forking child processes to trick the self_exec_id check on /proc/pid/mem access, allowing the code to modify its own SUID and gain root. CVE-2012-0056 $ ./mempodipper =============================== = Mempodipper = = by… Read More Linux local kernel privilege escalation to root

January 27, 2012January 27, 2012 Graham SutherlandLeave a comment

codeinsecurity

a mostly technical blog about things what which I done did or am looking at have

Tag: Exploits

W^X policy violation affecting all Windows drivers compiled in Visual Studio 2013 and previous

Steam Code Execution – Privilege Escalation to SYSTEM (Part 2)

Linux local kernel privilege escalation to root