Linux local kernel privilege escalation to root

A new vulnerability (CVE-2012-0056) that affects almost 650 different builds of the Linux kernel builds allows effortless privilege escalation to root. It works by forking child processes to trick the self_exec_id check on /proc/pid/mem access, allowing the code to modify its own SUID and gain root. CVE-2012-0056 $ ./mempodipper =============================== = Mempodipper = = by… Read More Linux local kernel privilege escalation to root

Preventing executable analysis – Part 1, Static Analysis

In this series of posts, I’m going to discuss executable analysis, the methods that are used and mechanisms to prevent them. There are three types of analysis that can be performed on executables: Static – Analysis of the sample file on disk. Emulated – Branch and stack analysis of the sample through an emulator. Live… Read More Preventing executable analysis – Part 1, Static Analysis

ACTA – European SOPA tries to violate worldwide rights.

It would be silly of me to tell you what Anti-Counterfeiting Trade Agreement (ACTA) is about, because you can’t miss it right now. The internet is abuzz with protest about SOPA, PIPA and ACTA right now, with good reason. SOPA and PIPA were recently defeated after mass outcry from people all across the world, and… Read More ACTA – European SOPA tries to violate worldwide rights.