ARM exploitation for IoT – Episode 1

Introduction and motivation: A few weeks ago, while attending a conference, I noticed that the price tag of the proposed ARM exploitation course for IoT was quite substantial, and decided to write my own to allow those who can’t spend that much to still be able to study the topic. I will present this course in three different […]

Kaspersky Hooking Engine Analysis

In this article we will talk about a few hooking techniques used by antivirus software. The antivirus chosen for this analysis is Kaspersky (PURE 3.0 Total Security), and we will deal with various hooking techniques used in both user mode and kernel mode. The reference operating system will be Windows 7 Professional 32-bit. The image below shows […]

CVE-2013-1763 sock_diag_handlers Local Root Exploit Analysis

In this article we will analyze the exploit released by Kacper Szczesniak for CVE-2013-1763. In simple terms, this exploit takes advantage of a kernel-level vulnerability in the sock_diag_handlers array and allows a local user to gain “root” privileges on the system. Before starting the analysis, however, the underlying concept should be clarified: in Linux systems, […]