HITB-Invoice-Logo

regisTRATION NOW OPEN

NORMAL: USD999

Register

STUDENTS: USD250

E’rybody Gettin’ TIPC: Demystifying Remote Linux Kernel Exploitation

Date

August 25, 2022

Time

11:30

Track

Main Track

2022 has been one hell of a year for Linux exploitation, with several high profile vulnerabilities including DirtyPipe (CVE-2022-0847), Pwnkit (CVE-2021-4034) and many other equally cool but unbranded bugs (like CVE-2022-27666). Having worked on these exploits and more, from trivial to complex, I can tell you they all had one thing in common: all involved local vulnerabilities.

Follow me on a journey as I discovered a remote stack overflow in a kernel network module (CVE-2022-0435), while enumerating it for primitives to help exploit another bug entirely.

So if you’re interested in a hollistic view of the exploit development process, the nitty gritty of low level kernel exploitation or just fancy witnessing my slow descent into madness as I become a walking, talking TIPC manual then this may just be the talk for you.

Speakers

Senior Exploit Developer

Immunity Inc

Other Talks in This Track

LOCATION

Main Track

DATE

August 25

TIME

09:00

LOCATION

Main Track

DATE

August 25

TIME

15:00

LOCATION

Main Track

DATE

August 25

TIME

16:30