HardenedLinux

We are "patient" zero, so we hardened ourselves!

Jan 19, 2016 - 2 minute read - Research

An Introduction to Linux Kernel Exploitation

By Pray3r

-[ 0. About this documentation

I am researching linux kernel exploitation for the outline and reference books/papers. I will keep update this list and share some of my findings on HardenedLinux. If you have any questions or suggestions don’t hesitate to contact me.

-[ 1. Review

  • Linux Memory Management

-[ 2. Exploitation

-[ 2.1 Attack Surface

-[ 2.2 A Taxonomy of Kernel Vulnerabilities

-[ 2.3 Finding VULNS/BUGS

-[ 2.3.1 Fuzzing

Reading/Modifying these tools’ code, and I try to write new one.

-[ 2.3.2 Code Audit

-[ 2.4 Kernel Exploitation

-[ 2.5 Bypass Self-protection (Stable Exploit)

-[ 3. Reference Books

  • Linux Kernel Development, 3rd Edition – Robert Love [ Amazon]
  • Understand Linux Kernel, 3rd Edition – Daniel P. Bovet, Marco Cesati [ Amazon]
  • Linux Device Drivers, 3rd Edition – Jonathan Corbet, Alessandro Rubini, Greg Kroah-Hartman [ Amazon]
  • Understanding Linux Network Internals – Christian Benvenuti [ Amazon]
  • Understanding The Linux Virtual Memory Manager – Mel Gorman [ Amazon]
  • A Bug Hunter’s Diary: A Guided Tour Through the Wilds of Software Security – Tobias Klein [ Amazon]
  • Hacking: The Art of Exploitation, 2nd Edition – Jon Erickson [ Amazon]
  • A Guide to Kernel Exploitation: Attacking the Core – Enrico Perla B.Sc. Computer Science University of Torino M.Sc. Computer Science Trinity College Dublin, Massimiliano Oldani [ Amazon]
  • The Art of Software Security Assessment: Identifying and Preventing Software Vulnerabilities – Mark Dowd, John McDonald, Justin Schuh [ Amazon]
  • Fuzzing: Brute Force Vulnerability Discovery – Michael Sutton, Adam Greene, Pedram Amini [ Amazon]
  • Fuzzing for Software Security Testing and Quality Assuranc – Ari Takanen, Jared DeMott, Charlie Miller [ Amazon]

-[ 4. Reference Papers