A vulnerability in the pktcdvd driver in the Linux kernel allows for the disclosure of 4 bytes of kernel memory. In this post, I'll describe the tad bit of magic that's necessary to exploit the vulnerability on both 32-bit and 64-bit hosts to disclose an arbitrary amount of ...
Ben Hawkes discovered a vulnerability in the Controller Area Network (CAN) packet family in the Linux kernel that results in a controllable overflow of a SLUB-allocated structure. As there aren't a whole lot of modern, public examples of SLUB overflow exploits, I'll describe my exploit of the CAN ...
This post aims to peek inside the Android GTalkService connection and observe its protocol. In particular, we're interested in the INSTALL_ASSET message and whether or not it is protected by any additional cryptographic signatures beyond the intended guarantees provided by the SSL transport.
A Brief Introduction to the GTalkService ...
In this post, I'll talk about the REMOVE_ASSET and INSTALL_ASSET mechanisms that can be invoked by Google via Android's GTalkService to not only remotely remove applications from an Android device but also remotely install new applications.
So if you didn't check out my slides from ...
Copyright © 2015 - Jon Oberheide <jon at oberheide dot org>.