Friday, July 26, 2019

hack folder hack escalation privileges (modify value char to zero amd64 kernel)


SMEP:
Short for Supervisor Mode Execution Prevention. When the CPU is running in ring zero, it is not allowed to transfer execution to user-space. So both SMEP and SMAP limit what is available to an attacker.
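/* Handler for the "nosmep" boot parameter. */
static __init int setup_disable_smep(char *arg)
{
	/* Clear the SMEP capability so the kernel does not enable it. */
	setup_clear_cpu_cap(X86_FEATURE_SMEP);
	check_mpx_erratum(&boot_cpu_data);
	return 1;
}
/* Register the handler for "nosmep" on the kernel command line. */
__setup("nosmep", setup_disable_smep);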
Checking whether it is on is as simple as looking at /proc/cpuinfo, and the same goes for SMAP.
This protection can be disabled with the nosmep boot flag; it can also be disabled at runtime by clearing the SMEP bit (bit 20) in CR4.
https://0x00sec.org/t/point-of-no-c3-linux-kernel-exp…/11585
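
The /proc/cpuinfo check described above, as an added audit script that is not part of the original post or the linked article. The function names are hypothetical, the sample files are constructed, and the `nosmap` parameter is assumed as the SMAP counterpart of `nosmep`.

```shell
#!/bin/sh
# Added example (not from the original post): report SMEP/SMAP state for a host.
# Function names are hypothetical; "nosmap" is assumed as the SMAP twin of "nosmep".

# has_flag FILE FLAG: true if FLAG is a whole word on the first "flags" line.
has_flag() {
    grep -m1 '^flags' "$1" | tr -s ' \t:' '\n' | grep -qx "$2"
}

# has_param FILE PARAM: true if PARAM is a whole word on the kernel command line.
has_param() {
    tr -s ' \t' '\n' < "$1" | grep -qx "$2"
}

# feature_status CPUINFO CMDLINE FEATURE
# "nosmep" makes the kernel clear the capability, so the flag vanishes from
# cpuinfo; the command line tells "turned off at boot" apart from "CPU lacks it".
feature_status() {
    if has_param "$2" "no$3"; then
        echo "disabled-by-boot-flag"
    elif has_flag "$1" "$3"; then
        echo "enabled"
    else
        echo "absent"
    fi
}

# smep_smap_status [CPUINFO] [CMDLINE]: defaults to the live /proc files.
smep_smap_status() {
    cpuinfo=${1:-/proc/cpuinfo}; cmdline=${2:-/proc/cmdline}
    for feat in smep smap; do
        printf '%s: %s\n' "$feat" "$(feature_status "$cpuinfo" "$cmdline" "$feat")"
    done
}

# Constructed sample: a host booted with "nosmep" (so no smep flag is listed).
demo_constructed() {
    tmp=$(mktemp -d)
    printf 'processor\t: 0\nflags\t\t: fpu vme de pse smap erms\n' > "$tmp/cpuinfo"
    printf 'BOOT_IMAGE=/vmlinuz root=/dev/sda1 ro nosmep quiet\n' > "$tmp/cmdline"
    smep_smap_status "$tmp/cpuinfo" "$tmp/cmdline"
    rm -rf "$tmp"
}
demo_constructed
```

Calling `smep_smap_status` with no arguments checks the running host. The flags in /proc/cpuinfo reflect the capabilities the kernel recorded, so this check does not observe a runtime change to CR4.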