ARM exploitation for IoT – Episode 3

In the previous episodes we have seen some basic concepts regarding ARM reversing and shellcode writing. In this last part we will see a brief introduction to exploit writing, and we’ll keep it as simple as possible. The list of topics is: modify the value of a local variable, redirect the execution flow, overwrite the return address […]

ARM exploitation for IoT – Episode 2

Introduction: In part 1 we’ve seen an introduction to reversing some simple ARM applications; we’ve also seen how to set up the work environment and how to write a hello world (also with syscalls). In this episode we will use the same work environment. ARM shellcoding: We will see some basic shellcode: shell spawning […]

ARM exploitation for IoT – Episode 1

Introduction and motivation: A few weeks ago, while attending a conference, I noticed that the price tag of the proposed ARM exploitation course for IoT was quite substantial and decided to write my own, to allow those who can’t spend that much to still be able to study the topic. I will present this course in three different […]

Kaspersky Hooking Engine Analysis

In this article we will talk about a few hooking techniques used by antivirus software. For the purpose of this analysis the antivirus chosen will be Kaspersky (http://www.kaspersky.com/it/trials PURE 3.0 Total Security); we will deal with various hooking techniques used in both user and kernel mode. The reference operating system will be Windows 7 Professional 32-bit. The image below shows […]

CVE-2013-1763 sock_diag_handlers Local Root Exploit Analysis

In this article we will analyze the exploit released by Kacper Szczesniak for CVE-2013-1763. In simple terms, this exploit takes advantage of a kernel-level vulnerability in the sock_diag_handlers array and allows a local user to gain “root” privileges on the system. Before starting the analysis, however, the underlying concept should be clarified: in Linux systems, […]