arno/kernel_rop
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

add asciinema demo

Browse Source
This commit is contained in:
Andy 2016-10-09 15:50:37 +02:00
parent ce30b9df80
commit cc974ee475
Signed by: arno
GPG Key ID: 368DDA2E9A471EAC
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@ -5,6 +5,8 @@ privilege escalation ROP (Return Oriented Programming) chain in practice. The
article URL for Part 1 is available at
<https://cyseclabs.com/page?n=17012016>.
[![asciicast](https://asciinema.org/a/2yy003e6xd0s4qrfcfkurzmge.png)](https://asciinema.org/a/2yy003e6xd0s4qrfcfkurzmge)
The driver module is vulnerable to OOB access and allows arbitrary code
execution. An arbitrary offset can be passed from user space via the provided
ioctl(). This offset is then used as the index for the 'ops' array to obtain