Explore >> Select a destination
|
You are here 
|
pwning.systems | ||
| | | | |
chao-tic.github.io
|
|
| | | | | ||
| | | | |
xcellerator.github.io
|
|
| | | | | In all the playing around I've been doing with Linux kernel modules, I decided to see what would happen if you tried to load one from a Docker container. It turns out that privileged containers (or just those with CAP_SYS_MODULE) are able to use the sys_init_module() and sys_finit_module() syscalls - which are what's used to load kernel modules. As all containers share their kernel with the host (unlike VMs), this clearly results in yet another complete system compromise. | |
| | | | |
poolp.org
|
|
| | | | | TL;DR: I found a printed copy of an assignment I had to do in 2005 back when I was a student to implement a system call for OpenBSD and Linux. | |
| | | | |
labs.bluefrostsecurity.de
|
|
| | | |||
