Explore >> Select a destination
|
You are here 
|
pwning.systems | ||
| | | | |
xcellerator.github.io
|
|
| | | | | In all the playing around I've been doing with Linux kernel modules, I decided to see what would happen if you tried to load one from a Docker container. It turns out that privileged containers (or just those with CAP_SYS_MODULE) are able to use the sys_init_module() and sys_finit_module() syscalls - which are what's used to load kernel modules. As all containers share their kernel with the host (unlike VMs), this clearly results in yet another complete system compromise. | |
| | | | |
duasynt.com
|
|
| | | | | Universal Linux kernel heap spray | |
| | | | |
xenophanes.net
|
|
| | | | | [AI summary] The provided text is a detailed guide on creating a Linux kernel module that implements a character device with ioctl functionality. It walks through the process of setting up the module, defining the device structure, implementing open and release functions, adding ioctl support for adding two integers, and includes test code for user-space interaction. The guide also mentions additional resources for learning about Linux device drivers. | |
| | | | |
suraj.io
|
|
| | | Note on Linux Kernel capabilities | ||
