It's been about six months since I reported a vulnerability in the Android mobile platform that allowed the unprompted installation of arbitrary applications with arbitrary permissions on a victim's device. While the vulnerability has long been fixed on Android handsets around the world, I've yet to write ...
This April at Hackito Ergo Sum in Paris and Immunity's Infiltrate in Miami, Dan Rosenberg and I presented on a technique to exploit grsecurity/PaX-hardened Linux kernels. Read on for a brief overview of our presentation and a link to the full slides and PoC code.
The Stackjacking Technique ...
The good: Google has patched a serious vulnerability I discovered in the Android web market.
The bad: Since the Android web market was launched earlier this year, it was possible to remotely install arbitrary applications with arbitrary permissions onto a victim's phone simply by tricking them into ...
In this post, I'll introduce an exploitation technique for kernel stack overflows in the Linux kernel. Keep in mind this does not refer to buffer overflows on the kernel stack (whose exploitability is well understood), but rather the improper expansion of the kernel stack causing it to overlap with ...
The finals for NYU Poly's CSAW CTF were this past weekend in New York City. I thought I would post the kernel exploitation challenge I developed for the final round. Feel free to try your hand at solving it!
Each team is given unprivileged remote shell access ...
Copyright © 2015 - Jon Oberheide <jon at oberheide dot org>.