Forwarded from Proxy Bar
Linux Red Team
1- Exploitation Techniques
2 - Privilege Escalation Techniques
3 - Persistence Techniques
4 - Defense Evasion - Hiding Linux Processes
5 - Defense Evasion - Rootkits
#linux #learn #hack
cat /home/redteam/
DirtyCred (CVE-2022-3910) for container escape
Credits @starlabs_sg
starlabs.sg/blog/2023/07-a-n…
#Linux, #kernel, #CVE_analysis
Interesting writeup on how to increase the chances of hitting a race condition window in the Linux kernel
Credits Google Project Zero
googleprojectzero.blogspot.c…
#linux, #race_condition, #white_paper
Exploiting a use-after-free in the Linux kernel 5.15 (Ubuntu 22.04) (CVE-2022-32250)
credit: @saidelike
research.nccgroup.com/2022/0…
#linux, #kernel, #analysis, #exploitation
__
@islemolecule_source
"GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems."
Link
#linux
#redteam
#lolbin
———
@islemolecule_source
Three-part series on debugging the Linux kernel (gdb, kgdb, kgdboc and crash)
Part 1: blogs.oracle.com/linux/post/…
Part 2: blogs.oracle.com/linux/post/…
Part 3: blogs.oracle.com/linux/post/…
#linux, #kernel, #debug
Forwarded from S.E.Book
• Account Creation in Linux;
• User Account Creation;
• Root/Superuser Account Creation;
• Persistence using SSH Authorized Keys;
• Persistence using Scheduled task;
• Cron Jobs;
• Systemd Timers;
• Shell Configuration Modification;
• Dynamic Linker Hijacking;
• What is LD_PRELOAD;
• Creating malicious Shared object Library for Persistence;
• SUID binary;
- Using SUID for Persistence;
- Example Scenario;
• rc.common/rc.local;
- Using rc.local for Persistence;
- Example: Starting a Service;
• Systemd Services;
- Creating a Custom systemd Service;
- Security Considerations;
- Advantages of Using systemd Services;
• Trap;
- Using trap in Scripts;
• Backdooring user startup file;
• Using System Call;
- system Call Monitoring and Blocking;
- Method 1: Emulate/Implement System Call in User-Space;
- Method 2: Use Alternate System Calls;
- Method 3: Fudging Around Parameters;
• MOTD Backdooring;
• APT Backdooring;
• Git Backdooring;
• Config;
• Backdooring OpenVPN;
• Security Researchers.
#Linux
Exploiting an io_uring Vulnerability in Ubuntu
https://blog.exodusintel.com/2024/03/27/mind-the-patch-gap-exploiting-an-io_uring-vulnerability-in-ubuntu/
#cve_analysis, #linux_internals, #CVE-2024-0582
This post discusses a use-after-free vulnerability, CVE-2024-0582, in io_uring in the Linux kernel. Although the vulnerability was patched in the stable kernel in December 2023, the fix wasn’t ported to Ubuntu kernels for over two months, making it an easy 0day vector in Ubuntu during that time.
Forwarded from Stuff for Geeks (rВНm)
https://engineers.inpyjama.com/learn/ldd-101
Linux device driver development free course
#Linux
#Course
#English
Forwarded from Infosec Fortress (Amir M. Jahangirzad)
projectzero.google
From Chrome renderer code exec to kernel with MSG_OOB - Project Zero
Introduction: In early June, I was reviewing a new Linux kernel feature when I learned about the MSG_OOB feature supported by stream-oriented UNIX domain socke...
From Chrome renderer code exec to kernel with MSG_OOB
🔗 Link
#browser
#exploitation
#kernel
#linux
———
🆔 @Infosec_Fortress
Forwarded from reconcore
CobaltStrike-Linux-Beacon
#poc #beacon #linux @reconcore
Proof of Concept (PoC) implant for creating custom Cobalt Strike Beacons