Reading Kernel Source Code - Analysis of an Exploit

Last video we looked at a kernel exploit against SerenityOS Kernel. This video we dig deep into the sources to find out why the vulnerability exists. After that we even attempt to find our own exploit. Part 1 - The Kernel Exploit: /watch/kn9aN705hUq5a 00:00 - Intro 00:27 - Part 1 - Linux vs. Serenity 01:17 - Finding ptrace() in Linux 01:31 - Finding ptrace() in Serenity 02:12 - Comparing Linux and Serenity ptrace() Code 04:07 - Architecture Specific Code in Linux 04:45 - Continue Comparing Linux vs. Serenity ptrace() Code 05:08 - Conclusion of Part 1 05:57 - Part 2 - hxp wisdom2 Exploit Analysis 06:44 - Reading ptrace() again 07:26 - Reading execve() code 08:46 - The Critical execve() code 09:30 - Do You Notice The Vulnerability? 10:17 - Race Condition Exploit Strategy 11:48 - Part 3 - Doing Own Research 13:15 - Doing an Experiment 15:44 - Kernel Changes for Experiment 16:00 - Failed Experiment 16:26 - Asking Andreas Kling About Scheduler Code 17:45 - Conclusion - Read More Code 18:38 - Outro -=[ ❤️ Support ]=- → per Video: https://www.patreon.com/join/liveoverflow → per Month: /channel/UClcE-kVhqyiHCcjYwcpfj9w/join -=[ 🐕 Social ]=- → Twitter: https://twitter.com/LiveOverflow/ → Instagram: https://instagram.com/LiveOverflow/ → Website: https://liveoverflow.com/ → Subreddit: https://www.reddit.com/r/LiveOverflow/ → Facebook: https://www.facebook.com/LiveOverflow/

الفئة