
Chrome OS : Ways to Bypass Kernel protections


*First Protection to Bypass : NX (Never eXecute)*

Programs usually don't need to put their code on the stack, so it is logical to prevent them from doing so and from executing content from there. NX is a processor feature, used by the Linux kernel, that controls execute permission on memory pages. The operating system can use this facility to define which pages hold code and which hold data.

So, with this protection, we can still store our shellcode on the stack, but we can't execute it. How do we check it?

We need to ask for the CPU features of the current machine through 'flags'; if we find that the NX flag is active, NX protection is on.

We can bypass this protection using something called ret2libc, but only if another protection called ASLR (Address Space Layout Randomization) is not used (ASLR works like a charm on 64-bit processors and not so well on 32-bit ones). A more extended and better way is to use ROP (Return Oriented Programming), because it can use any library you have, as long as you know it very well and the required conditions are met (actually, ret2libc is a basic form of ROP).

Also, just for the record, stack-smashing protection will help to prevent this kind of attack too.
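The check described above (the NX flag in the CPU 'flags'), together with the ASLR setting the bypass depends on, as an added example that is not part of the original post. It assumes an x86 Linux system exposing `/proc/cpuinfo` and `/proc/sys/kernel/randomize_va_space`; the function names `nx_status` and `aslr_status` are hypothetical.

```shell
#!/bin/sh
# Added example: report whether NX and ASLR are active on this machine.
# Both functions accept an optional file path so they can be run on saved copies.

# nx_status [cpuinfo-file]: prints "on", "off" or "unknown".
nx_status() {
    cpuinfo="${1:-/proc/cpuinfo}"
    [ -r "$cpuinfo" ] || { echo unknown; return 0; }
    # Take the first line whose key is exactly "flags". Newer kernels also
    # print a "vmx flags" line, and ARM uses "Features", so anchor the match.
    flags=$(awk -F: '$1 ~ /^flags[ \t]*$/ { print $2; exit }' "$cpuinfo")
    [ -n "$flags" ] || { echo unknown; return 0; }
    # Compare whole words so another flag containing "nx" cannot match.
    for f in $flags; do
        if [ "$f" = "nx" ]; then echo on; return 0; fi
    done
    echo off
}

# aslr_status [sysctl-file]: prints "off", "partial", "full" or "unknown".
aslr_status() {
    sysctl_file="${1:-/proc/sys/kernel/randomize_va_space}"
    [ -r "$sysctl_file" ] || { echo unknown; return 0; }
    case "$(cat "$sysctl_file")" in
        0) echo off ;;      # no randomization
        1) echo partial ;;  # stack, mmap base and vDSO randomized
        2) echo full ;;     # as 1, plus the brk heap
        *) echo unknown ;;
    esac
}

echo "NX:   $(nx_status)"
echo "ASLR: $(aslr_status)"
```

A result of "unknown" for NX on a non-x86 machine means only that the kernel does not report the feature through a `flags` line there.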
