2021-01-22
[public] 85.9K views, 5.40K likes, 34.0 dislikes audio only
Last video we looked at a kernel exploit against SerenityOS Kernel. This video we dig deep into the sources to find out why the vulnerability exists. After that we even attempt to find our own exploit.
Part 1 - The Kernel Exploit: /youtube/video/qUh507Na9nk
00:00 - Intro
00:27 - Part 1 - Linux vs. Serenity
01:17 - Finding ptrace() in Linux
01:31 - Finding ptrace() in Serenity
02:12 - Comparing Linux and Serenity ptrace() Code
04:07 - Architecture Specific Code in Linux
04:45 - Continue Comparing Linux vs. Serenity ptrace() Code
05:08 - Conclusion of Part 1
05:57 - Part 2 - hxp wisdom2 Exploit Analysis
06:44 - Reading ptrace() again
07:26 - Reading execve() code
08:46 - The Critical execve() code
09:30 - Do You Notice The Vulnerability?
10:17 - Race Condition Exploit Strategy
11:48 - Part 3 - Doing Own Research
13:15 - Doing an Experiment
15:44 - Kernel Changes for Experiment
16:00 - Failed Experiment
16:26 - Asking Andreas Kling About Scheduler Code
17:45 - Conclusion - Read More Code
18:38 - Outro
-=[ ā¤ļø Support ]=-
ā per Video: https://www.patreon.com/join/liveoverflow
ā per Month: https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join
-=[ š Social ]=-
ā Twitter: https://twitter.com/LiveOverflow/
ā Instagram: https://instagram.com/LiveOverflow/
ā Website: https://liveoverflow.com/
ā Subreddit: https://www.reddit.com/r/LiveOverflow/
ā Facebook: https://www.facebook.com/LiveOverflow/