by citypw and an anonymous dude “As long as there is technology, there will be hackers. As long as there are hackers, there will be PHRACK magazine.” — The Circle of Lost Hackers on Phrack issue 64 As long as there are bugs, there will be vulnerablities. As long as there are vulnerablities, there will be regular/stable/weaponized exploits. Bug hunting is one of most important issues that we’ve been fighting for decades in FLOSS community.

by zet Build the Clang Toolchains for Android The following process is used to build the Clang that is used by both the Android platfrom and the NDK. And this process is done in the AOSP tree. Both GNU/Linux and Windows toolchains are built on GNU/Linux machines. Windows host binaries are built with mingw. My developing environment is Linux Mint 17.3 Source versions in AOSP Create the work directory mkdir working_directory TOOLCHAINS_BUILD_TOP=work_direcory # optional, only for clear description # below export TOOLCHAINS_BUILD_TOP cd work_directory # build will be done in this directory There are two versions Clang/LLVM code tree in AOSP, the first is: aosp/platform/external/(clang|llvm), and the second is: aosp/toolchain/(clang|llvm).

By Pray3r -[ 0. About this documentation I am researching linux kernel exploitation for the outline and reference books/papers. I will keep update this list and share some of my findings on HardenedLinux. If you have any questions or suggestions don’t hesitate to contact me. -[ 1. Review Linux Memory Management -[ 2. Exploitation -[ 2.1 Attack Surface -[ 2.2 A Taxonomy of Kernel Vulnerabilities -[ 2.3 Finding VULNS/BUGS -[ 2.

By citypw –[ CONTENTS About this doc Build and install customized kernel with PaX/Grsecurity patch PaX flags: paxctl-ng & pax-bites Kernel tuning Networking Sandboxing: seccomp Crypto 6.1 Entropy 6.2 Daily bread ##–[ 0. About this documentation We just celebrated another new year a couple of days ago, which means it’s 2016 already. A another new year usually just brings us to another fight.

project STIG-4-Debian will be soonn…. Debian GNU/Linux security checklist and hardening –[ CONTENTS About this doc Security updates Vulnerability Assessment 2.1 GCC mitigation 2.2 0ld sch00l *nix file auditing 2.3 GNU/Linux’s auditd 2.4 T00ls Kernel security 3.1 Apparmor 3.2 SELinux 3.3 Mempo kernel 3.3.1 PaX\/Grsecurity SSL/TLS Checklist 4.1 Ciphersuites in Apache2/Nginx 4.2 OpenSSH 4.2.1 OpenSSH in post-prism era Web security

Update( May 28 2015) The porting work of the PaX patch already done. We tested it with Towel & KINGROOT. The result as expected: they all failed to root the Android 5.0.2 with kernel code base from 2014. Perhaps, we might try to make GRSEC & RBAC into the Android in the future……… armv7-nexus7-grsec PaX/Grsecurity patch for Nexus7, which the original version is 3.4 kernel based with a bunch of backport features and fixes.