Showing 1 - 14 of 14

Files

StJude_LKM-0.23.tar.gz: Posted Dec 7, 2005; Authored by Rodrigo Rubira Branco | Site sourceforge.net; Saint Jude LKM is a Linux Kernel Module for the 2.2.0 and 2.4.0 series of kernels. This module implements the Saint Jude model for improper privilege transitions. This will permit the discovery of local and remote root exploits during the exploit itself. Once discovered, Saint Jude will terminate the execution, preventing the root exploit from occurring. This is done without checking for attack signatures of known exploits, and thus should work for both known and unknown exploits.; Changes: StJude/StMichael now has Rodrigo Rubira Branco as its new maintainer. This release fixes compilation problems with 2.4 kernels and also support the newest StMichael (version 0.12).; tags | remote, kernel, local, root; systems | linux; SHA-256 | 346d9edcd3235baec8b9dd85be165c5fd6c0f93f2a6bf3252ac21640c24cc291; Download | Favorite | View

StJude_LKM-0.22.tar.gz: Posted Oct 28, 2002; Authored by Tim Lawless | Site wwjh.net; Saint Jude LKM is a Linux Kernel Module for the 2.2.0 and 2.4.0 series of kernels. This module implements the Saint Jude model for improper privilege transitions. This will permit the discovery of local and remote root exploits during the exploit itself. Once discovered, Saint Jude will terminate the execution, preventing the root exploit from occurring. This is done without checking for attack signatures of known exploits, and thus should work for both known and unknown exploits.; Changes: Redhat 8.0's attempt to stop module rootkits stopped StJude as well - added code to discover the sys_call_table during initialization on systems with a non-exported sys_call_table. Fixed some bugs and include problems.; tags | remote, kernel, local, root; systems | linux; SHA-256 | 1d72affc7e06f7cbad96d2f3c0eab42e93abbff260cf5fbb62b13dfcbdf5468e; Download | Favorite | View

StJude_LKM-0.21.tar.gz: Posted Aug 7, 2002; Authored by Tim Lawless | Site sourceforge.net; Saint Jude LKM is a Linux Kernel Module for the 2.2.0 and 2.4.0 series of kernels. This module implements the Saint Jude model for improper privilege transitions. This will permit the discovery of local and remote root exploits during the exploit itself. Once discovered, Saint Jude will terminate the execution, preventing the root exploit from occurring. This is done without checking for attack signatures of known exploits, and thus should work for both known and unknown exploits.; Changes: Addition of Self Integrity Checks to Detect Attacks against StJude itself, Addition of configuration options to hard-code memory offsets into the source instead of discovery during load time permitting the loading of Stmichael from an initrd, before init spawns and the filesystems are mounted. Added in Kernel Licensing Code to Identify the Kernel License for Newer kernels - No more Tainted Kernels. Really Immutable filesystem support for ext3 fs added. Includes modifications to work with more recent ac kernels.; tags | remote, kernel, local, root; systems | linux; SHA-256 | 18ba017359747bd64ce087008e2e9a292252a6d9659754a1fc1928b307b99330; Download | Favorite | View

StJude_LKM-0.20.tar.gz: Posted Jul 30, 2001; Authored by Tim Lawless | Site sourceforge.net; Saint Jude LKM is a Linux Kernel Module for the 2.2.0 and 2.4.0 series of kernels. This module implements the Saint Jude model for improper privilege transitions. This will permit the discovery of local and remote root exploits during the exploit itself. Once discovered, Saint Jude will terminate the execution, preventing the root exploit from occurring. This is done without checking for attack signatures of known exploits, and thus should work for both known and unknown exploits.; Changes: Introduced kernel integrity checking, and module support on systems that require module support. Added Read-Only /dev/kmem support. Eliminated the double-execve problem. New configuration script simplifies platform identification, and selection of compile-time options. Updated checks, verified compatibility with 2.4.7, and updated documentation. Changed license to GNU.; tags | remote, kernel, local, root; systems | linux; SHA-256 | 10ed91c76ecba958bba10ae5f2976871efdc47add4787b162dbce8be5ca574c9; Download | Favorite | View

StJude_LKM-0.12.tar.gz: Posted Apr 6, 2001; Authored by Tim Lawless | Site sourceforge.net; Saint Jude LKM is a Linux Kernel Module for the 2.2.0 and 2.4.0 series of kernels. This module implements the Saint Jude model for improper privilege transitions. This will permit the discovery of local and remote root exploits during the exploit itself. Once discovered, Saint Jude will terminate the execution, preventing the root exploit from occurring. This is done without checking for attack signatures of known exploits, and thus should work for both known and unknown exploits.; Changes: Updated checks and verified compatibility with 2.4.3, and fixed some theoretical bugs.; tags | remote, kernel, local, root; systems | linux; SHA-256 | 9e042e8ecd4bbafd3dca641ff8fa9f48f4ea1fb717af57f9a4757911c51662a0; Download | Favorite | View

StJude_LKM-0.11.tar.gz: Posted Mar 20, 2001; Authored by Tim Lawless | Site sourceforge.net; Saint Jude LKM is a Linux Kernel Module for the 2.2.0 and 2.4.0 series of kernels. This module implements the Saint Jude model for improper privilege transitions. This will permit the discovery of local, and ultimately, remote root exploits during the exploit itself. Once discovered, Saint Jude will terminate the execution, preventing the root exploit from occurring. This is done without checking for attack signatures of known exploits, and thus should work for both known and unknown exploits.; Changes: Several compilation problems are fixed, in addition to a bug where if a process exec'd() without forking, and it was an override rule -- the first execution wouldn't be recorded through learning.; tags | remote, kernel, local, root; systems | linux; SHA-256 | 96e04303160a68d54a4aa8a20b4c0084a12f42e3081363121c48adc0914ea087; Download | Favorite | View

StJude_LKM-0.10.tar.gz: Posted Mar 19, 2001; Authored by Tim Lawless | Site sourceforge.net; Saint Jude LKM is a Linux Kernel Module for the 2.2.0 and 2.4.0 series of kernels. This module implements the Saint Jude model for improper privilege transitions. This will permit the discovery of local, and ultimately, remote root exploits during the exploit itself. Once discovered, Saint Jude will terminate the execution, preventing the root exploit from occurring. This is done without checking for attack signatures of known exploits, and thus should work for both known and unknown exploits.; Changes: This is the most stable version yet. Tested with kernel 2.4. Added Learning Parser to facilitate the generation of the Rulebase from the Learning Mode output. Combined with the Override directive, remote root attacks may be thwarted.; tags | remote, kernel, local, root; systems | linux; SHA-256 | f7f922f8f16946ab95f37c07600d7d52e13c7d3e3b2865374f613ca83947a95c; Download | Favorite | View

StJude_LKM-0.07.tar.gz: Posted Mar 19, 2001; Authored by Tim Lawless | Site sourceforge.net; Saint Jude LKM is a Linux Kernel Module for 2.2.0 and greater kernels. This module implements the Saint Jude model for improper privilege transitions. This will permit the discovery of local, and ultimately, remote root exploits during the exploit itself. Once discovered, Saint Jude will terminate the execution, preventing the root exploit from occurring. This is done without checking for attack signatures of known exploits, and thus should work equally well for both known and unknown exploits.; Changes: Fixes problems on some of the newer Linux distributions. Makefile can now find include files better.; tags | remote, kernel, local, root; systems | linux; SHA-256 | c105819d64f6618d2359f51876d4b6557c65033cc7bb9236e94192f35a1f1e23; Download | Favorite | View

StJude_LKM-0.06.tar.gz: Posted Dec 17, 2000; Authored by Tim Lawless | Site sourceforge.net; Saint Jude LKM is a Linux Kernel Module for 2.2.0 and greater kernels. This module implements the Saint Jude model for improper privilege transitions. This will permit the discovery of local, and ultimately, remote root exploits during the exploit itself. Once discovered, Saint Jude will terminate the execution, preventing the root exploit from occurring. This is done without checking for attack signatures of known exploits, and thus should work equally well for both known and unknown exploits.; Changes: Fixed some broken code from 0.05 due to a 2AM release.; tags | remote, kernel, local, root; systems | linux; SHA-256 | 3e8c3b45c5408af069bcf8afd580a27ef66c4ba362fb62e8019194ddb54b3518; Download | Favorite | View

StJude_LKM-0.05.tar.gz: Posted Dec 15, 2000; Authored by Tim Lawless | Site sourceforge.net; Saint Jude LKM is a Linux Kernel Module for 2.2.0 and greater kernels. This module implements the Saint Jude model for improper privilege transitions. This will permit the discovery of local, and ultimately, remote root exploits during the exploit itself. Once discovered, Saint Jude will terminate the execution, preventing the root exploit from occurring. This is done without checking for attack signatures of known exploits, and thus should work equally well for both known and unknown exploits.; Changes: Added new response method which will execute an external command to record and deal with the intrusion. It is likely to be noted by an astute individual that this also affords the opportunity to counter-attack the attacker, using their control channel against them.; tags | remote, kernel, local, root; systems | linux; SHA-256 | 0a1f1e745c9305728343c29b50726a9384d6f9f0123caec99ec9473b156315fb; Download | Favorite | View

StJude_LKM-0.04.tar.gz: Posted Nov 2, 2000; Authored by Tim Lawless | Site sourceforge.net; Saint Jude LKM is a Linux Kernel Module for 2.2.11 and greater kernels. This module implements the Saint Jude model for improper privilege transitions. This will permit the discovery of local, and ultimately, remote root exploits during the exploit itself. Once discovered, Saint Jude will terminate the execution, preventing the root exploit from occuring. This is done without checking for attack signatures of known exploits, and thus should work for both known and unknown exploits.; Changes: Fixed bugs, added a Makefile, hid the old execve better, added a homepage.; tags | remote, kernel, local, root; systems | linux; SHA-256 | 37643ba93bc57afffa0b2696e08bb971606429da0f856cdd4260620c42f1b387; Download | Favorite | View

StJude_LKM-0.03.tar.gz: Posted Aug 11, 2000; Authored by Tim Lawless; Saint Jude LKM is a Linux Kernel Module for 2.2.11 and greater kernels. This module implements the Saint Jude model for improper privilege transitions. This will permit the discovery of local, and ultimately, remote root exploits during the exploit itself. Once discovered, Saint Jude will terminate the execution, preventing the root exploit from occuring. This is done without checking for attack signatures of known exploits, and thus should work for both known and unknown exploits.; Changes: Support for SMP kernels, module-sealing is enabled, and a memory leak fix.; tags | remote, kernel, local, root; systems | linux; SHA-256 | 7a4167f795924aff6fa44181378b1bca05d209648a56ee122e5379cb791f53d9; Download | Favorite | View

StJude_LKM-0.02.tar.gz: Posted Jul 29, 2000; Authored by Tim Lawless; Saint Jude LKM is a Linux Kernel Module for the 2.2.0 series of kernels. This module implements the Saint Jude model for improper privilege transitions. This will permit the discovery of local, and ultimately, remote root exploits during the exploit itself. Once discovered, Saint Jude will terminate the execution, preventing the root exploit from occuring. This is done without checking for attack signatures of known exploits, and thus should work for both known and unknown exploits.; Changes: Fixed bug which would prevent the setreuid syscal from being restored upon exit.; tags | remote, kernel, local, root; systems | linux; SHA-256 | e6bee285fc2507dd3ee0f6b64ca1459171be968066027209d9f561350491b65d; Download | Favorite | View

StJude_LKM-0.01.tar.gz: Posted Jul 10, 2000; Authored by Tim Lawless; Saint Jude LKM is a Linux Kernel Module for the 2.2.0 series of kernels. This module implements the Saint Jude model for improper privilege transitions. This will permit the discovery of local, and ultimately, remote root exploits during the exploit itself. Once discovered, Saint Jude will terminate the execution, preventing the root exploit from occuring. This is done without checking for attack signatures of known exploits, and thus should work for both known and unknown exploits.; tags | remote, kernel, local, root; systems | linux; SHA-256 | b8ffff80b2a870a814849e863b4009e29e85f13516a906df8378915c85b8e177; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 232 files
Ubuntu 59 files
Debian 27 files
Valentin Lobstein 11 files
LiquidWorm 11 files
nu11secur1ty 9 files
Apple 6 files
Milad Karimi 5 files
Google Security Research 5 files
Yevhenii Butenko 4 files

Files

Top Authors In Last 30 Days

Recent News