Why is my shellcode being corrupted?

In 2022, while one of our researchers was developing our Linux Binary Exploitation training, he approached me with a curious issue. During the exploitation of the simplest case of a stack-based buffer overflow, the shellcode was being corrupted in GDB. It took us a while to figure out what was happening, but we understood it. At least, we thought we had understood.

I revisited that topic this week while teaching that case to the students of our training, and I noticed something I had missed back then: the behavior he faced was an illusion! I then started writing this blog post to show the illusion GDB creates and, in the middle of it, while experimenting with GDB, I came across weird behaviors that I didn’t understand immediately.

That journey led me to discover much more about GDB than I knew when I started this blog post. The main points I discovered are that a breakpoint hit is not always caused by a hardware or software breakpoint, and that GDB has a feature called displaced stepping (also known as out-of-line execution) that hides the execution of some instructions from the user.

Continue reading “Why is my shellcode being corrupted?”

The importance of diverse knowledge in vulnerability research – The transferability of knowledge

To read this post in Portuguese, click here.

To build an excellent, high-level career in Information Security, diverse and deep technical knowledge is indispensable. It is crucial to have solid experience with:

  • Network protocols;
  • Computer architecture;
  • Operating systems;
  • Programming languages;
  • Compilers, among other fundamentals.

The professional needs a broad range of knowledge. We are talking about high-impact careers, made up of people who work at the forefront of modern technology. Although other qualities are necessary, the focus here is strictly on the technical aspect.

Continue reading “The importance of diverse knowledge in vulnerability research – The transferability of knowledge”

Accidentally uncovering a seven-year-old vulnerability in the Linux kernel

To read this post in Portuguese, click here.

Vulnerability research is at the core of Allele Security Intelligence. We have been actively researching for more than a decade, and we offer our expertise to our clients. Among the services we offer are 0day and nday vulnerability research.

In nday vulnerability research projects on the Linux kernel, we look for vulnerabilities that have been patched upstream but still affect major distributions, even in their latest releases. Usually, we find vulnerabilities patched over a year ago that still affect popular Linux distributions. We do that by auditing the Linux kernel source code, monitoring vulnerabilities submitted to mailing lists and patched upstream, checking the findings of the syzkaller fuzzer, and other means.
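The nday workflow described above boils down to one recurring question: has a given upstream fix actually landed in the distribution's kernel tree? The script below is an added example written for this page, not Allele Security's own tooling. It parses the unified diff of an upstream fix and, for each touched file, checks whether the fix's added lines are present and its removed lines are gone in the tree under review. The diff, file name (`net/ipv4/tcp_hypothetical.c`), function and macro names are all constructed for the demonstration and do not refer to any real kernel code or vulnerability.

```python
"""Nday check: has an upstream kernel fix landed in a distribution's tree?

Added example, not the post author's tooling. Per file touched by the fix:
  - every '+' line present and no '-' line left  -> "fixed"
  - every '-' line still present and no '+' line -> "vulnerable" (nday candidate)
  - anything else (partial backport, refactored) -> "unknown", needs a human look
Lines are compared after stripping whitespace, so re-indented backports still match.
"""
import os
from dataclasses import dataclass, field


@dataclass
class FileDelta:
    path: str
    added: list = field(default_factory=list)
    removed: list = field(default_factory=list)


def parse_unified_diff(diff_text: str) -> list:
    """Collect non-blank '+'/'-' body lines per file from a unified diff."""
    deltas, cur = [], None
    for line in diff_text.splitlines():
        if line.startswith("+++ "):
            path = line[4:].split("\t")[0]
            cur = FileDelta(path[2:] if path.startswith("b/") else path)
            deltas.append(cur)
        elif line.startswith(("--- ", "diff ", "index ", "@@")):
            continue  # file and hunk headers carry no code
        elif cur is not None and line.startswith("+"):
            text = line[1:].strip()
            if text:
                cur.added.append(text)
        elif cur is not None and line.startswith("-"):
            text = line[1:].strip()
            if text:
                cur.removed.append(text)
    return deltas


def classify(delta: FileDelta, source_text: str) -> str:
    """Return 'fixed', 'vulnerable' or 'unknown' for one file of the tree."""
    present = {l.strip() for l in source_text.splitlines()}
    added_hits = sum(1 for l in delta.added if l in present)
    removed_hits = sum(1 for l in delta.removed if l in present)
    if delta.added and added_hits == len(delta.added) and removed_hits == 0:
        return "fixed"
    if delta.removed and removed_hits == len(delta.removed) and added_hits == 0:
        return "vulnerable"
    return "unknown"


def check_tree(diff_text: str, tree: dict) -> dict:
    """Map each file touched by the fix to its status in `tree` (path -> contents)."""
    result = {}
    for delta in parse_unified_diff(diff_text):
        result[delta.path] = (classify(delta, tree[delta.path])
                              if delta.path in tree else "missing")
    return result


def load_tree(root: str, diff_text: str) -> dict:
    """Read the touched files from a real checkout (the offline sample below does not use it)."""
    tree = {}
    for delta in parse_unified_diff(diff_text):
        full = os.path.join(root, delta.path)
        if os.path.isfile(full):
            with open(full, encoding="utf-8", errors="replace") as f:
                tree[delta.path] = f.read()
    return tree


# Constructed fix; the file, function and macro names are invented for this example.
SAMPLE_FIX = """\
diff --git a/net/ipv4/tcp_hypothetical.c b/net/ipv4/tcp_hypothetical.c
--- a/net/ipv4/tcp_hypothetical.c
+++ b/net/ipv4/tcp_hypothetical.c
@@ -10,6 +10,7 @@ static int hypothetical_recv(struct sock *sk, int len)
 {
-\tif (len > MAX_LEN)
+\tif (len < 0 || len > MAX_LEN)
 \t\treturn -EINVAL;
+\tlock_sock(sk);
 \treturn 0;
 }
"""

_PATH = "net/ipv4/tcp_hypothetical.c"
_HEAD = "static int hypothetical_recv(struct sock *sk, int len)\n{\n"
# Three constructed distribution trees: unpatched, fully backported, half backported.
VULNERABLE_TREE = {_PATH: _HEAD + "\tif (len > MAX_LEN)\n\t\treturn -EINVAL;\n\treturn 0;\n}\n"}
FIXED_TREE = {_PATH: _HEAD + "\tif (len < 0 || len > MAX_LEN)\n\t\treturn -EINVAL;\n"
                             "\tlock_sock(sk);\n\treturn 0;\n}\n"}
PARTIAL_TREE = {_PATH: _HEAD + "\tif (len < 0 || len > MAX_LEN)\n\t\treturn -EINVAL;\n\treturn 0;\n}\n"}

if __name__ == "__main__":
    for name, tree in (("vulnerable", VULNERABLE_TREE), ("fixed", FIXED_TREE), ("partial", PARTIAL_TREE)):
        print(f"{name:10s} {check_tree(SAMPLE_FIX, tree)}")
```

Against a real checkout, `load_tree("/path/to/distro-kernel", fix_diff)` builds the `tree` dictionary from disk. The "unknown" verdict is deliberate: distributions often backport fixes with renamed helpers or different context, so a line-level check should flag those files for manual review rather than declare them vulnerable or fixed.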

While doing that research, we accidentally discovered a vulnerability in the core of the TCP subsystem of the Linux kernel. It had been introduced seven years earlier. We reported it upstream, and it was patched in May of last year. In this blog post, we’ll share how it happened and briefly analyze the vulnerability.

Continue reading “Accidentally uncovering a seven-year-old vulnerability in the Linux kernel”

EnSI 8th Edition – Cert.Bahia

We will be present at the 8th Edition of the Cert.Bahia EnSI, to be held in Salvador, Bahia, on October 03, 2018 (Wednesday). At this event, we will present on the following topic: Introduction to vulnerability research in the Linux kernel.

In this presentation, the audience will be introduced to vulnerability research in the Linux kernel. The presentation will be divided into two parts. The first part introduces what the kernel of an operating system is, with some details on computer architecture and CPU modes, the motivations for studying kernels, what Linux is, its ecosystem and subsystems, and the research environment and tools. In the second part, we will discuss some lessons learned from vulnerabilities that have affected, or still affect, the Linux kernel.

Continue reading “EnSI 8th Edition – Cert.Bahia”