The game is starting. I love the game of removal. So, I try to remove everything until no one can say something is going on. Nothing is going on, and everything is OK. We are still far from reaching the right point, but I will explain my leisure activities around that. In this post, I will remove some files and file operations in case of sharing the symbol address with the kernel module.

Crafting a 232-Bytes HTTP Shellcode
To continue, we might consider using assembly code to further our goals. We may think about things like inline assembly in the C code. No! What about shellcode? I think it’s very amazing to convert our assembly code to shellcode. But everything will not be so simple and, especially for more complex code, we may modify the assembly code so the shellcode can perform correctly.

Under the C: Assemble an HTTP Request
To continue our journey, I prefer to delve deeper and embark on an adventure with Assembly. My main idea revolves around executing a piece of code directly in memory, which should be retrieved from an external machine. So, in this post, it’s good to implement a necessary functionality for our work at a lower level. One of these functionalities is retrieving content from an external machine via HTTP.

Hybrid Fileless (Netlink)
It is the third post in the series and, in my opinion, the most intriguing one compared to the previous two, focusing on extracting symbol addresses in Linux. This one tries to minimize the use of regular files, shared objects, and file operations, and to minimize the attention that is caused by the existence of files. I really love it.

Hybrid File-based (Shared Memory)
In the previous post, I explained a challenge I faced a few months ago. We saw that I tried to handle the challenge with a hybrid solution (I named it hybrid because it uses both user-space and kernel-space code). The solution used a regular file as a shared object between user-space and kernel-space code. Honestly, my first solution did not appeal to me. Now, I want to improve the idea. Let’s see.

Hybrid File-based (File)
Months ago, I started working on a prototype project related to attack surface management (ASM). The project needs some kernel programming to optimize and extend some functionalities. After days of work, I faced a problem that was not a problem!