arno/kernel_rop
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

fixed readme

Browse Source
This commit is contained in:
Vitaly Nikolenko 2016-01-20 15:06:35 +11:00
parent d40047300c
commit 8e7160d7dd
1 changed files with 9 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
README.md
View File

@ -1,4 +1,4 @@
# Linux Kernl ROP demo # Linux Kernel ROP demo
This is a vulnerable Linux kernel driver used to demonstrate in-kernel This is a vulnerable Linux kernel driver used to demonstrate in-kernel
privilege escalation ROP (Return Oriented Programming) chain in practice. The privilege escalation ROP (Return Oriented Programming) chain in practice. The
@ -13,3 +13,11 @@ the function address to be executed.
* drv.c - vulnerable kernel driver * drv.c - vulnerable kernel driver
* trigger.c - user-space application to trigger the OOB access via the provided * trigger.c - user-space application to trigger the OOB access via the provided
ioctl ioctl
The goal is to construct and execute a ROP chain that will satisfy the
following requirements:
* Execute a privilege escalation payload
* Data residing in user space may be referenced (i.e., "fetching" data from
user space is allowed)
* Instructions residing in user space may not be executed