exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

Files from Mark Seaborn

Email addressmrs at mythic-beasts.com
First Active2005-01-05
Last Active2015-03-10
NaCl Sandbox Escape For Rowhammer
Posted Mar 10, 2015
Authored by Mark Seaborn

This is a proof-of-concept exploit that is able to escape from Native Client's x86-64 sandbox on machines that are susceptible to the DRAM "rowhammer" problem. It works by inducing a bit flip in read-only code so that the code is no longer safe, producing instruction sequences that wouldn't pass NaCl's x86-64 validator. Note that this uses the CLFLUSH instruction, so it doesn't work in newer versions of NaCl where this instruction is disallowed by the validator.

tags | exploit, x86
systems | linux
SHA-256 | e6593966ab188ce0527192162955cdd9d0be2836c92fe8c8ae35f4c97e8dbe65
Rowhammer Linux Kernel Privilege Escalation
Posted Mar 9, 2015
Authored by Mark Seaborn

This is a proof-of-concept exploit that is able to gain kernel privileges on machines that are susceptible to the DRAM "rowhammer" problem. It runs as an unprivileged userland process on x86-64 Linux. It works by inducing bit flips in page table entries (PTEs).

tags | exploit, x86, kernel
systems | linux
SHA-256 | b98de0b89f4234492083f03996c7cb5d72fb3cfcc699889b93c0cd1a61b15025
plash_1.19.orig.tar.gz
Posted May 6, 2008
Authored by Mark Seaborn | Site plash.beasts.org

Plash is a sandbox for running GNU/Linux programs with minimum privileges. It is suitable for running both command line and GUI programs. It can dynamically grant Gtk-based GUI applications access rights to individual files that you want to open or edit. This happens transparently through the Open/Save file chooser dialog box, by replacing GtkFileChooserDialog. Plash virtualizes the file namespace and provides per-process/per-sandbox namespaces. It can grant processes read-only or read-write access to specific files and directories, mapped at any point in the filesystem namespace. It does not require modifications to the Linux kernel.

Changes: Various updates and fixes.
tags | tool, kernel
systems | linux, unix
SHA-256 | e986dfa2e5251a43e5386ae47ea6cb0866c8cef264b2bd75e03a75c9a2f57030
plash_1.18.orig.tar.gz
Posted Jun 11, 2007
Authored by Mark Seaborn | Site plash.beasts.org

Plash is a sandbox for running GNU/Linux programs with minimum privileges. It is suitable for running both command line and GUI programs. It can dynamically grant Gtk-based GUI applications access rights to individual files that you want to open or edit. This happens transparently through the Open/Save file chooser dialog box, by replacing GtkFileChooserDialog. Plash virtualizes the file namespace and provides per-process/per-sandbox namespaces. It can grant processes read-only or read-write access to specific files and directories, mapped at any point in the filesystem namespace. It does not require modifications to the Linux kernel.

Changes: Various updates and fixes.
tags | tool, kernel
systems | linux, unix
SHA-256 | fd864fe0e95c0090f68aa6796f289689e412a7d4b7753746aa3dba44dd5179b6
plash_1.17.orig.tar.gz
Posted Dec 29, 2006
Authored by Mark Seaborn | Site plash.beasts.org

Plash is a sandbox for running GNU/Linux programs with minimum privileges. It is suitable for running both command line and GUI programs. It can dynamically grant Gtk-based GUI applications access rights to individual files that you want to open or edit. This happens transparently through the Open/Save file chooser dialog box, by replacing GtkFileChooserDialog. Plash virtualizes the file namespace and provides per-process/per-sandbox namespaces. It can grant processes read-only or read-write access to specific files and directories, mapped at any point in the filesystem namespace. It does not require modifications to the Linux kernel.

Changes: Various updates and fixes.
tags | tool, kernel
systems | linux, unix
SHA-256 | 39c171fe00850cdb0a4b825e1842f17f0703d13776f9b5c86f7961d0808dd892
plash-1.16.tar.gz
Posted Mar 28, 2006
Authored by Mark Seaborn | Site cs.jhu.edu

Plash (the Principle of Least Authority Shell) is a Unix shell that lets you run Unix programs with access only to the files and directories they need to run. In order to implement this, the filesystem is virtualized. Each process can have its own namespace, which can contain a subset of your files. Plash is implemented by modifying GNU libc and replacing the system calls that use filenames. For example, open() is changed so that it sends a message to a file server via a socket. If the request is successful, the server sends the client a file descriptor. Processes are run in a chroot jail under dynamically-allocated user IDs. No kernel modifications are required. Existing Linux binaries work unchanged.

Changes: Documentation updates. Various enhancements and fixes.
tags | tool, shell, kernel
systems | linux, unix
SHA-256 | d162e0d9d090d65a5d1a62627b10022026902c292609cd4e10c0ccc1030113a7
plash-1.15.tar.gz
Posted Dec 28, 2005
Authored by Mark Seaborn | Site cs.jhu.edu

Plash (the Principle of Least Authority Shell) is a Unix shell that lets you run Unix programs with access only to the files and directories they need to run. In order to implement this, the filesystem is virtualized. Each process can have its own namespace, which can contain a subset of your files. Plash is implemented by modifying GNU libc and replacing the system calls that use filenames. For example, open() is changed so that it sends a message to a file server via a socket. If the request is successful, the server sends the client a file descriptor. Processes are run in a chroot jail under dynamically-allocated user IDs. No kernel modifications are required. Existing Linux binaries work unchanged.

Changes: Various enhancements and fixes.
tags | tool, shell, kernel
systems | linux, unix
SHA-256 | 8da706b8f21b81bf4cecc61fa0445f92ec7f250b2b4ddf619184f4a6ed6af72e
plash-1.14.tar.gz
Posted Nov 10, 2005
Authored by Mark Seaborn | Site cs.jhu.edu

Plash (the Principle of Least Authority Shell) is a Unix shell that lets you run Unix programs with access only to the files and directories they need to run. In order to implement this, the filesystem is virtualized. Each process can have its own namespace, which can contain a subset of your files. Plash is implemented by modifying GNU libc and replacing the system calls that use filenames. For example, open() is changed so that it sends a message to a file server via a socket. If the request is successful, the server sends the client a file descriptor. Processes are run in a chroot jail under dynamically-allocated user IDs. No kernel modifications are required. Existing Linux binaries work unchanged.

Changes: Multiple bug fixes.
tags | tool, shell, kernel
systems | linux, unix
SHA-256 | 1322265b90db957d35062302b75b1f0a5d6dce5f5f92fa7fd0ca9da2524a2ae2
plash-1.13.tar.gz
Posted Oct 7, 2005
Authored by Mark Seaborn | Site cs.jhu.edu

Plash (the Principle of Least Authority Shell) is a Unix shell that lets you run Unix programs with access only to the files and directories they need to run. In order to implement this, the filesystem is virtualized. Each process can have its own namespace, which can contain a subset of your files. Plash is implemented by modifying GNU libc and replacing the system calls that use filenames. For example, open() is changed so that it sends a message to a file server via a socket. If the request is successful, the server sends the client a file descriptor. Processes are run in a chroot jail under dynamically-allocated user IDs. No kernel modifications are required. Existing Linux binaries work unchanged.

Changes: Big changes to the build process and some bug fixes.
tags | tool, shell, kernel
systems | linux, unix
SHA-256 | 70db36d7e8201cb8430b2885630262e1dcf1de4ad020b1219f29a6f55319da0f
plash-1.12.tar.gz
Posted Sep 22, 2005
Authored by Mark Seaborn | Site cs.jhu.edu

Plash (the Principle of Least Authority Shell) is a Unix shell that lets you run Unix programs with access only to the files and directories they need to run. In order to implement this, the filesystem is virtualized. Each process can have its own namespace, which can contain a subset of your files. Plash is implemented by modifying GNU libc and replacing the system calls that use filenames. For example, open() is changed so that it sends a message to a file server via a socket. If the request is successful, the server sends the client a file descriptor. Processes are run in a chroot jail under dynamically-allocated user IDs. No kernel modifications are required. Existing Linux binaries work unchanged.

Changes: Various tweaks and improvements.
tags | tool, shell, kernel
systems | linux, unix
SHA-256 | c1730657c910aacbef86fa23d3c0b9099cc0c4bc1b90989949ce4450b84d20b4
plash-1.11.tar.gz
Posted Aug 17, 2005
Authored by Mark Seaborn | Site cs.jhu.edu

Plash (the Principle of Least Authority Shell) is a Unix shell that lets you run Unix programs with access only to the files and directories they need to run. In order to implement this, the filesystem is virtualized. Each process can have its own namespace, which can contain a subset of your files. Plash is implemented by modifying GNU libc and replacing the system calls that use filenames. For example, open() is changed so that it sends a message to a file server via a socket. If the request is successful, the server sends the client a file descriptor. Processes are run in a chroot jail under dynamically-allocated user IDs. No kernel modifications are required. Existing Linux binaries work unchanged.

Changes: The major new feature in this version is the plash-run-emacs program.
tags | tool, shell, kernel
systems | linux, unix
SHA-256 | 0e5a558e4d8f858cd9a53bf4dfe8abf1b4c0de4d86f5d95af9f14b7643102693
plash-1.10.tar.gz
Posted Jul 21, 2005
Authored by Mark Seaborn | Site cs.jhu.edu

Plash (the Principle of Least Authority Shell) is a Unix shell that lets you run Unix programs with access only to the files and directories they need to run. In order to implement this, the filesystem is virtualized. Each process can have its own namespace, which can contain a subset of your files. Plash is implemented by modifying GNU libc and replacing the system calls that use filenames. For example, open() is changed so that it sends a message to a file server via a socket. If the request is successful, the server sends the client a file descriptor. Processes are run in a chroot jail under dynamically-allocated user IDs. No kernel modifications are required. Existing Linux binaries work unchanged.

Changes: Implemented the use of fchdir().
tags | tool, shell, kernel
systems | linux, unix
SHA-256 | 093649215ccc30a106eff56de86fb5af56abe41da0caa6764cc4f0ada4fae80d
plash-1.9.tar.gz
Posted Jul 12, 2005
Authored by Mark Seaborn | Site cs.jhu.edu

Plash (the Principle of Least Authority Shell) is a Unix shell that lets you run Unix programs with access only to the files and directories they need to run. In order to implement this, the filesystem is virtualized. Each process can have its own namespace, which can contain a subset of your files. Plash is implemented by modifying GNU libc and replacing the system calls that use filenames. For example, open() is changed so that it sends a message to a file server via a socket. If the request is successful, the server sends the client a file descriptor. Processes are run in a chroot jail under dynamically-allocated user IDs. No kernel modifications are required. Existing Linux binaries work unchanged.

tags | tool, shell, kernel
systems | linux, unix
SHA-256 | c130885a17eca8ca18458cd773dcbd66a798dfe0927c065744ac9b6cf93c330c
plash-1.8.tar.gz
Posted Jun 1, 2005
Authored by Mark Seaborn | Site cs.jhu.edu

Plash (the Principle of Least Authority Shell) is a Unix shell that lets you run Unix programs with access only to the files and directories they need to run. In order to implement this, the filesystem is virtualized. Each process can have its own namespace, which can contain a subset of your files. Plash is implemented by modifying GNU libc and replacing the system calls that use filenames. For example, open() is changed so that it sends a message to a file server via a socket. If the request is successful, the server sends the client a file descriptor. Processes are run in a chroot jail under dynamically-allocated user IDs. No kernel modifications are required. Existing Linux binaries work unchanged.

tags | tool, shell, kernel
systems | linux, unix
SHA-256 | a6e327e4641c47eb04a6aaa489e1b964c6a8e799591ad61959af067078152d21
plash-1.6.tar.gz
Posted Jan 19, 2005
Authored by Mark Seaborn | Site cs.jhu.edu

Plash (the Principle of Least Authority Shell) is a Unix shell that lets you run Unix programs with access only to the files and directories they need to run. In order to implement this, the filesystem is virtualized. Each process can have its own namespace, which can contain a subset of your files. Plash is implemented by modifying GNU libc and replacing the system calls that use filenames. For example, open() is changed so that it sends a message to a file server via a socket. If the request is successful, the server sends the client a file descriptor. Processes are run in a chroot jail under dynamically-allocated user IDs. No kernel modifications are required. Existing Linux binaries work unchanged.

tags | tool, shell, kernel
systems | linux, unix
SHA-256 | b3841a5ebab75b6d4fa3f3ae8e198d27ffb79e5d46add7daf7698daeb813a493
plash-1.4.tar.gz
Posted Jan 5, 2005
Authored by Mark Seaborn | Site cs.jhu.edu

Plash (the Principle of Least Authority Shell) is a Unix shell that lets you run Unix programs with access only to the files and directories they need to run. In order to implement this, the filesystem is virtualized. Each process can have its own namespace, which can contain a subset of your files. Plash is implemented by modifying GNU libc and replacing the system calls that use filenames. For example, open() is changed so that it sends a message to a file server via a socket. If the request is successful, the server sends the client a file descriptor. Processes are run in a chroot jail under dynamically-allocated user IDs. No kernel modifications are required. Existing Linux binaries work unchanged.

tags | tool, shell, kernel
systems | linux, unix
SHA-256 | ebf55af4f80c9b05f149d2190bc78c549b4f6d7b2e01743c9a27bf456abca202
Page 1 of 1
Back1Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    34 Files
  • 11
    Aug 11th
    0 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close