Exploit the possiblities
Showing 1 - 14 of 14 RSS Feed

Files

StJude_LKM-0.23.tar.gz
Posted Dec 7, 2005
Authored by Rodrigo Rubira Branco | Site sourceforge.net

Saint Jude LKM is a Linux Kernel Module for the 2.2.0 and 2.4.0 series of kernels. This module implements the Saint Jude model for improper privilege transitions. This will permit the discovery of local and remote root exploits during the exploit itself. Once discovered, Saint Jude will terminate the execution, preventing the root exploit from occurring. This is done without checking for attack signatures of known exploits, and thus should work for both known and unknown exploits.

Changes: StJude/StMichael now has Rodrigo Rubira Branco as its new maintainer. This release fixes compilation problems with 2.4 kernels and also support the newest StMichael (version 0.12).
tags | remote, kernel, local, root
systems | linux
MD5 | 2fa0b58e0165b503d494cf8138246b8d
StJude_LKM-0.22.tar.gz
Posted Oct 28, 2002
Authored by Tim Lawless | Site wwjh.net

Saint Jude LKM is a Linux Kernel Module for the 2.2.0 and 2.4.0 series of kernels. This module implements the Saint Jude model for improper privilege transitions. This will permit the discovery of local and remote root exploits during the exploit itself. Once discovered, Saint Jude will terminate the execution, preventing the root exploit from occurring. This is done without checking for attack signatures of known exploits, and thus should work for both known and unknown exploits.

Changes: Redhat 8.0's attempt to stop module rootkits stopped StJude as well - added code to discover the sys_call_table during initialization on systems with a non-exported sys_call_table. Fixed some bugs and include problems.
tags | remote, kernel, local, root
systems | linux
MD5 | 355bc6c48ce1a8d82edf83a28df0ce89
StJude_LKM-0.21.tar.gz
Posted Aug 7, 2002
Authored by Tim Lawless | Site sourceforge.net

Saint Jude LKM is a Linux Kernel Module for the 2.2.0 and 2.4.0 series of kernels. This module implements the Saint Jude model for improper privilege transitions. This will permit the discovery of local and remote root exploits during the exploit itself. Once discovered, Saint Jude will terminate the execution, preventing the root exploit from occurring. This is done without checking for attack signatures of known exploits, and thus should work for both known and unknown exploits.

Changes: Addition of Self Integrity Checks to Detect Attacks against StJude itself, Addition of configuration options to hard-code memory offsets into the source instead of discovery during load time permitting the loading of Stmichael from an initrd, before init spawns and the filesystems are mounted. Added in Kernel Licensing Code to Identify the Kernel License for Newer kernels - No more Tainted Kernels. Really Immutable filesystem support for ext3 fs added. Includes modifications to work with more recent ac kernels.
tags | remote, kernel, local, root
systems | linux
MD5 | 975a1b5bf451a89bc8e38d466d03f459
StJude_LKM-0.20.tar.gz
Posted Jul 30, 2001
Authored by Tim Lawless | Site sourceforge.net

Saint Jude LKM is a Linux Kernel Module for the 2.2.0 and 2.4.0 series of kernels. This module implements the Saint Jude model for improper privilege transitions. This will permit the discovery of local and remote root exploits during the exploit itself. Once discovered, Saint Jude will terminate the execution, preventing the root exploit from occurring. This is done without checking for attack signatures of known exploits, and thus should work for both known and unknown exploits.

Changes: Introduced kernel integrity checking, and module support on systems that require module support. Added Read-Only /dev/kmem support. Eliminated the double-execve problem. New configuration script simplifies platform identification, and selection of compile-time options. Updated checks, verified compatibility with 2.4.7, and updated documentation. Changed license to GNU.
tags | remote, kernel, local, root
systems | linux
MD5 | 82af381dcf19fd6d6ab29092dc9709d5
StJude_LKM-0.12.tar.gz
Posted Apr 6, 2001
Authored by Tim Lawless | Site sourceforge.net

Saint Jude LKM is a Linux Kernel Module for the 2.2.0 and 2.4.0 series of kernels. This module implements the Saint Jude model for improper privilege transitions. This will permit the discovery of local and remote root exploits during the exploit itself. Once discovered, Saint Jude will terminate the execution, preventing the root exploit from occurring. This is done without checking for attack signatures of known exploits, and thus should work for both known and unknown exploits.

Changes: Updated checks and verified compatibility with 2.4.3, and fixed some theoretical bugs.
tags | remote, kernel, local, root
systems | linux
MD5 | 880fc6981bb8a8bc7a4b9b4590906e7c
StJude_LKM-0.11.tar.gz
Posted Mar 20, 2001
Authored by Tim Lawless | Site sourceforge.net

Saint Jude LKM is a Linux Kernel Module for the 2.2.0 and 2.4.0 series of kernels. This module implements the Saint Jude model for improper privilege transitions. This will permit the discovery of local, and ultimately, remote root exploits during the exploit itself. Once discovered, Saint Jude will terminate the execution, preventing the root exploit from occurring. This is done without checking for attack signatures of known exploits, and thus should work for both known and unknown exploits.

Changes: Several compilation problems are fixed, in addition to a bug where if a process exec'd() without forking, and it was an override rule -- the first execution wouldn't be recorded through learning.
tags | remote, kernel, local, root
systems | linux
MD5 | c2d2a18ff5f4528d85759d904599fdc7
StJude_LKM-0.10.tar.gz
Posted Mar 19, 2001
Authored by Tim Lawless | Site sourceforge.net

Saint Jude LKM is a Linux Kernel Module for the 2.2.0 and 2.4.0 series of kernels. This module implements the Saint Jude model for improper privilege transitions. This will permit the discovery of local, and ultimately, remote root exploits during the exploit itself. Once discovered, Saint Jude will terminate the execution, preventing the root exploit from occurring. This is done without checking for attack signatures of known exploits, and thus should work for both known and unknown exploits.

Changes: This is the most stable version yet. Tested with kernel 2.4. Added Learning Parser to facilitate the generation of the Rulebase from the Learning Mode output. Combined with the Override directive, remote root attacks may be thwarted.
tags | remote, kernel, local, root
systems | linux
MD5 | 3f546a4f181d0c3503edb5afbd3f02aa
StJude_LKM-0.07.tar.gz
Posted Mar 19, 2001
Authored by Tim Lawless | Site sourceforge.net

Saint Jude LKM is a Linux Kernel Module for 2.2.0 and greater kernels. This module implements the Saint Jude model for improper privilege transitions. This will permit the discovery of local, and ultimately, remote root exploits during the exploit itself. Once discovered, Saint Jude will terminate the execution, preventing the root exploit from occurring. This is done without checking for attack signatures of known exploits, and thus should work equally well for both known and unknown exploits.

Changes: Fixes problems on some of the newer Linux distributions. Makefile can now find include files better.
tags | remote, kernel, local, root
systems | linux
MD5 | ce9148dbc5c4b7de94de7158736f8f5e
StJude_LKM-0.06.tar.gz
Posted Dec 17, 2000
Authored by Tim Lawless | Site sourceforge.net

Saint Jude LKM is a Linux Kernel Module for 2.2.0 and greater kernels. This module implements the Saint Jude model for improper privilege transitions. This will permit the discovery of local, and ultimately, remote root exploits during the exploit itself. Once discovered, Saint Jude will terminate the execution, preventing the root exploit from occurring. This is done without checking for attack signatures of known exploits, and thus should work equally well for both known and unknown exploits.

Changes: Fixed some broken code from 0.05 due to a 2AM release.
tags | remote, kernel, local, root
systems | linux
MD5 | 1a25c4e6e3db0751c2c2d7825c220e68
StJude_LKM-0.05.tar.gz
Posted Dec 15, 2000
Authored by Tim Lawless | Site sourceforge.net

Saint Jude LKM is a Linux Kernel Module for 2.2.0 and greater kernels. This module implements the Saint Jude model for improper privilege transitions. This will permit the discovery of local, and ultimately, remote root exploits during the exploit itself. Once discovered, Saint Jude will terminate the execution, preventing the root exploit from occurring. This is done without checking for attack signatures of known exploits, and thus should work equally well for both known and unknown exploits.

Changes: Added new response method which will execute an external command to record and deal with the intrusion. It is likely to be noted by an astute individual that this also affords the opportunity to counter-attack the attacker, using their control channel against them.
tags | remote, kernel, local, root
systems | linux
MD5 | d145e9768dc1a83974534bd301b738da
StJude_LKM-0.04.tar.gz
Posted Nov 2, 2000
Authored by Tim Lawless | Site sourceforge.net

Saint Jude LKM is a Linux Kernel Module for 2.2.11 and greater kernels. This module implements the Saint Jude model for improper privilege transitions. This will permit the discovery of local, and ultimately, remote root exploits during the exploit itself. Once discovered, Saint Jude will terminate the execution, preventing the root exploit from occuring. This is done without checking for attack signatures of known exploits, and thus should work for both known and unknown exploits.

Changes: Fixed bugs, added a Makefile, hid the old execve better, added a homepage.
tags | remote, kernel, local, root
systems | linux
MD5 | 31c63fad67e2ad7181c7596115b571ac
StJude_LKM-0.03.tar.gz
Posted Aug 11, 2000
Authored by Tim Lawless

Saint Jude LKM is a Linux Kernel Module for 2.2.11 and greater kernels. This module implements the Saint Jude model for improper privilege transitions. This will permit the discovery of local, and ultimately, remote root exploits during the exploit itself. Once discovered, Saint Jude will terminate the execution, preventing the root exploit from occuring. This is done without checking for attack signatures of known exploits, and thus should work for both known and unknown exploits.

Changes: Support for SMP kernels, module-sealing is enabled, and a memory leak fix.
tags | remote, kernel, local, root
systems | linux
MD5 | dcc56176c1d569cabf3b852184f3f903
StJude_LKM-0.02.tar.gz
Posted Jul 29, 2000
Authored by Tim Lawless

Saint Jude LKM is a Linux Kernel Module for the 2.2.0 series of kernels. This module implements the Saint Jude model for improper privilege transitions. This will permit the discovery of local, and ultimately, remote root exploits during the exploit itself. Once discovered, Saint Jude will terminate the execution, preventing the root exploit from occuring. This is done without checking for attack signatures of known exploits, and thus should work for both known and unknown exploits.

Changes: Fixed bug which would prevent the setreuid syscal from being restored upon exit.
tags | remote, kernel, local, root
systems | linux
MD5 | 4bd7eeca77d479a36df73c38d7cff517
StJude_LKM-0.01.tar.gz
Posted Jul 10, 2000
Authored by Tim Lawless

Saint Jude LKM is a Linux Kernel Module for the 2.2.0 series of kernels. This module implements the Saint Jude model for improper privilege transitions. This will permit the discovery of local, and ultimately, remote root exploits during the exploit itself. Once discovered, Saint Jude will terminate the execution, preventing the root exploit from occuring. This is done without checking for attack signatures of known exploits, and thus should work for both known and unknown exploits.

tags | remote, kernel, local, root
systems | linux
MD5 | decfff99f7c1396cc26ac211f6cb649e
Page 1 of 1
Back1Next

Top Authors In Last 30 Days

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close