Forged packets can be sent out from a Linux system, for example for NFS attacks or any other protocol relying on addresses for authentication, even when protected from the outside interfaces by firewalling rules. Most of the time, existing firewalling rules are bypassed. This requires at least a shell account on the system.
8d159590c7c839774eb2f8a7c4dddf0737f16a6cf7e3d10393036232f45f5469
Shellcode that execve() /bin/sh -c (user supplied command). Designed to evade tolower() and friends. Requires %esi to reference a valid writable address.
a8d80a1d3e6ed93ff7cfffd2ef34670d800df5da4fe9ec2e25e4138b7a0bf1c7
Linux Memory tools are a set of Linux tools (Python, C and ASM) whose aim is to facilitate exploit development. These tools can be used to dump process memory, search for patterns and quickly find OPCODE location addresses (instructions and mnemonics are functional but still in development). OPCODE search is possible on an instant memory snapshot or using a file dump. These tools have been quickly coded and should be considered as helpful scripts. Return addresses or shellcode locations can be found instantly.
b563de74e1cda35f782a23fd14e98e36f0b0c04030335f5778d239a1c883e3e3
This document describes a new syscall hooking technique for Linux systems and exposes how it can be implemented as part of a virus or a backdoor in order to take full control over a userland application. Although there are some well-known methods for hooking functions, they are mostly based on the ELF format itself. This technique is focused on those pieces of code that are externally called by the main program and invoke a system call or system service.
30fdbdfab2efb4eab95a25eb94384d63a0a3f4af1470486ff3e9730bb54e262c
The Openwall Linux kernel patch is a collection of security hardening features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction.
34d3033f6db61c7bbe1fe293e31ddc2ee847c21790e3d749333de4c2579842ee
LKM based hotfix for the sys_prctl vulnerability in the Linux kernel 2.6 series.
dea5f15fd931a84aa2eecaf0c75f0f2a7c32f49764b25599b67206330611db97
The Openwall Linux kernel patch is a collection of security hardening features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction.
bef89e4d59252dc6292974f13587c0a88fbec212e15d455e4d4d2d27d188a956
The Openwall Linux kernel patch is a collection of security hardening features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction.
d0e51c10a398ac2345a217c0c2d573719f94a588438d740d8a713f4c6c4a844c
The Openwall Linux kernel patch is a collection of security hardening features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction.
00633e5f2a6f35002c0690c4639fb5536f58638c9b1cc221c2a1bee7fa20b7c4
Linux v2.6.10 and below kernel exploit which allows non-privileged users to read kernel memory.
64668cf27bf96d59d1d1f9aeceaa70ae1834d86bc88475e6ae009a8b38a70a8b
The Openwall Linux kernel patch is a collection of security hardening features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction.
517d8c63c913c0a9a9f1b1544de6318bdd18841356e2f3754beb64d4647dcc3c
The Openwall Linux kernel patch is a collection of security "hardening" features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction.
256cfa736b57ad57623917b4da7131b7ab1915c65a0a3f47a53ca2d186266ee0
The Openwall Linux kernel patch is a collection of security "hardening" features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction.
96446f971dcc88f7a2750e7cc1155cf3c71291042b99fa3ccf4376141487ceb5
The Openwall Linux kernel patch is a collection of security "hardening" features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction.
93acccb9dfe362d3f5fe4bb7dac727680341d124ac1770799631c5005e47afe1
The Openwall Linux kernel patch is a collection of security "hardening" features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction.
67ef2ef429014c1ef695fb56e75765a196b282c57eee929e163c315a1a3ab75e
The Openwall Linux kernel patch is a collection of security "hardening" features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction.
b575a8e739d48ad27b6b4dc9343c808e52914c5a74122670e3a75df2390e9386
The Openwall Linux kernel patch is a collection of security "hardening" features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction.
ed2cf0f0331fa312c06bda8d7a5154da3f0532e142d13094457de775afb424fe
43-byte linux x86 shellcode which does the following: setuid(0);chown("/tmp/n2n",0,0);chmod("/tmp/n2n", 04755);exit();
c9cfe186139032a40d3f9ddb38c191be71b284f24d4febdc1da027d250896d17
Whitepaper discussing the do_brk() bug found in the Linux kernel versions 2.4.22 and below.
f9441924d1d758b7d9e9169cafe1da43fefef7a64c59926ec655dab9173e8bdc
The Openwall Linux kernel patch is a collection of security "hardening" features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction.
1cb5559ce2f9b37a2da3e63dc97647d133b72a1a11ce3f0299136a23683955a0
Linux/x86 shellcode that performs a chmod of 4777.
21f2087e480420ecfc1a29131d4e4f7d9ae013c5ba5f9bf03b7b9ca6cdcf21fe
Linux x86 200 byte forking portbind shellcode.
8596f6bc924b6a977ba4454ed405e1eae9f64cab5c9f56b54386872551a9c83e
The Openwall Linux kernel patch is a collection of security "hardening" features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction.
d9f86921943b75b9e6e55ae75900ebf3a6871614561374f587e8c28663e27582
The Openwall Linux kernel patch is a collection of security "hardening" features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction.
ed4fb0b394f06d364b96efdd261fc0f134af62fa8d51f8c903e292c39a92cdf5
The Openwall Linux kernel patch is a collection of security "hardening" features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction.
528bce1080424a31cd75d58767c939449c114e6a662d62e98ae74c66a1129bcd
The Bridge Filter kernel patch for v2.2.22 creates a new built-in chain you can use to filter packets before the bridge. The Linux firewall and bridge functions work well but you can't filter exactly which packets are bridged. The main goal of this patch is to allow this capability.
e3d51abe7aa586c9876430bbb9e8618e9a1234c9c5cdf10823e44ead73c67068