Linux Kernel Adventures
Filter mode:
Topics
Media
driver
file io
memory
reverse engineering
security
(null topic)
🗫Talk🟉
?
?
W, K, P / S, J, N Jump to previous / next timestamp
t / T Toggle theatre / SUPERtheatre mode
V Revert filter to original state Y Select link (requires manual Ctrl-c)
X, ShiftSpace Toggle category and focus previous
v Invert topics / media as per focus
Keyboard Navigation
Global Keys
[, < / ], > Jump to previous / next episodeW, K, P / S, J, N Jump to previous / next timestamp
t / T Toggle theatre / SUPERtheatre mode
V Revert filter to original state Y Select link (requires manual Ctrl-c)
Menu toggling
q Quotes r References f Filter y Link c CreditsIn-Menu and Index Controls
a
w
s
s
d
h
j
k
l
←
↑
↓
↓
→
Esc Close menu / unfocus timestamp
Quotes and References Menus and Index
Enter Jump to timestampQuotes, References and Credits Menus
o Open URL (in new tab)Filter Menu
x, Space Toggle category and focus nextX, ShiftSpace Toggle category and focus previous
v Invert topics / media as per focus
Filter and Link Menus
z Toggle filter / linking modeCredits Menu
Enter Open URL (in new tab)⏫
Previous: 'The Race to Replace C and C++'
⏫
0:01Welcome to the talk
0:01Welcome to the talk
0:01Welcome to the talk
0:11whoami
0:11whoami
0:11whoami
0:33Agenda
0:33Agenda
0:33Agenda
1:18Short Intro
1:18Short Intro
1:18Short Intro
1:23Let's learn some new things today!
1:23Let's learn some new things today!
1:23Let's learn some new things today!
2:38What's a Device Driver Anyway?
2:38What's a Device Driver Anyway?
2:38What's a Device Driver Anyway?
3:21ioctl: Overview
3:21ioctl: Overview
3:21ioctl: Overview
4:03ioctl: In code
4:03ioctl: In code
4:03ioctl: In code
4:43File Operations
4:43File Operations
4:43File Operations
5:33The Challenge: Our target for today
5:33The Challenge: Our target for today
5:33The Challenge: Our target for today
5:59Where do we start?
5:59Where do we start?
5:59Where do we start?
6:36Examine the system
6:36Examine the system
6:36Examine the system
7:31Examine the system: slots.ko
7:31Examine the system: slots.ko
7:31Examine the system: slots.ko
7:49Examine the system: The docker startup script
7:49Examine the system: The docker startup script
7:49Examine the system: The docker startup script
8:27Examine the system: /dev/kmsg file permissions
8:27Examine the system: /dev/kmsg file permissions
8:27Examine the system: /dev/kmsg file permissions
9:05Reversing slots.ko
9:05Reversing slots.ko
9:05Reversing slots.ko
9:09Examining slots.ko
9:09Examining slots.ko
9:09Examining slots.ko
9:47kaparadev_ioctl
9:47kaparadev_ioctl
9:47kaparadev_ioctl
10:12kaparadev_ioctl: Code
10:12kaparadev_ioctl: Code
10:12kaparadev_ioctl: Code
10:44Kapara's IOCTLs: Preview
10:44Kapara's IOCTLs: Preview
10:44Kapara's IOCTLs: Preview
11:16Kapara's IOCTLs: KAPARA_INIT_DA
11:16Kapara's IOCTLs: KAPARA_INIT_DA
11:16Kapara's IOCTLs: KAPARA_INIT_DA
11:59Kapara's IOCTLs: KAPARA_CREATE_OBJ
11:59Kapara's IOCTLs: KAPARA_CREATE_OBJ
11:59Kapara's IOCTLs: KAPARA_CREATE_OBJ
13:30Kapara's IOCTLs: KAPARA_CREATE_OBJ nodes
13:30Kapara's IOCTLs: KAPARA_CREATE_OBJ nodes
13:30Kapara's IOCTLs: KAPARA_CREATE_OBJ nodes
13:48Kapara's IOCTLs: KAPARA_ADD_OBJ
13:48Kapara's IOCTLs: KAPARA_ADD_OBJ
13:48Kapara's IOCTLs: KAPARA_ADD_OBJ
14:20Kapara's IOCTLs: KAPARA_ADD_OBJ nodes
14:20Kapara's IOCTLs: KAPARA_ADD_OBJ nodes
14:20Kapara's IOCTLs: KAPARA_ADD_OBJ nodes
14:33Kapara's IOCTLs: KAPARA_FIND_OBJ
14:33Kapara's IOCTLs: KAPARA_FIND_OBJ
14:33Kapara's IOCTLs: KAPARA_FIND_OBJ
14:43Kapara's IOCTLs: KAPARA_FIND_OBJ_ID
14:43Kapara's IOCTLs: KAPARA_FIND_OBJ_ID
14:43Kapara's IOCTLs: KAPARA_FIND_OBJ_ID
14:56Kapara's IOCTLs: KAPARA_DEL_LIST_OBJECT
14:56Kapara's IOCTLs: KAPARA_DEL_LIST_OBJECT
14:56Kapara's IOCTLs: KAPARA_DEL_LIST_OBJECT
15:25Kapara's IOCTLs: KAPARA_DEL_OBJ
15:25Kapara's IOCTLs: KAPARA_DEL_OBJ
15:25Kapara's IOCTLs: KAPARA_DEL_OBJ
15:40Kapara's IOCTLs: KAPARA_EASTEREGG
15:40Kapara's IOCTLs: KAPARA_EASTEREGG
15:40Kapara's IOCTLs: KAPARA_EASTEREGG
16:06Kapara's IOCTLs: KAPARA_EASTEREGG2
16:06Kapara's IOCTLs: KAPARA_EASTEREGG2
16:06Kapara's IOCTLs: KAPARA_EASTEREGG2
16:15Overview
16:15Overview
16:15Overview
16:59The road to Code Execution
16:59The road to Code Execution
16:59The road to Code Execution
17:26Read Primitive
17:26Read Primitive
17:26Read Primitive
17:55Read Primitive: /dev/kmesg
17:55Read Primitive: /dev/kmesg
17:55Read Primitive: /dev/kmesg
18:47Read Primitive: /dev/kmesg, crash reports
18:47Read Primitive: /dev/kmesg, crash reports
18:47Read Primitive: /dev/kmesg, crash reports
19:22Read Primitive: Manipulate Kernel Objects
19:22Read Primitive: Manipulate Kernel Objects
19:22Read Primitive: Manipulate Kernel Objects
19:51Read Primitive: Manipulate Kernel Objects, Process
19:51Read Primitive: Manipulate Kernel Objects, Process
19:51Read Primitive: Manipulate Kernel Objects, Process
20:14Slab: Heap Manipulation
20:14Slab: Heap Manipulation
20:14Slab: Heap Manipulation
20:58Read Primitive: Slab
20:58Read Primitive: Slab
20:58Read Primitive: Slab
21:39Read Primitive: Manipulate Kernel Objects, Doing It
21:39Read Primitive: Manipulate Kernel Objects, Doing It
21:39Read Primitive: Manipulate Kernel Objects, Doing It
22:01Read Primitive: Overview
22:01Read Primitive: Overview
22:01Read Primitive: Overview
24:14Write Primitive
24:14Write Primitive
24:14Write Primitive
24:44Write Primitive: Overwrite the Stack
24:44Write Primitive: Overwrite the Stack
24:44Write Primitive: Overwrite the Stack
26:14Write Primitive: strcpy
26:14Write Primitive: strcpy
26:14Write Primitive: strcpy
28:15Write Primitive: Examine the Stack
28:15Write Primitive: Examine the Stack
28:15Write Primitive: Examine the Stack
28:52Stack Canary
28:52Stack Canary
28:52Stack Canary
29:35Write Primitive: The future doesn't look so bright
29:35Write Primitive: The future doesn't look so bright
29:35Write Primitive: The future doesn't look so bright
31:40Write Primitive: Brainstorming
31:40Write Primitive: Brainstorming
31:40Write Primitive: Brainstorming
32:14Write Primitive: The sun rises again
32:14Write Primitive: The sun rises again
32:14Write Primitive: The sun rises again
32:29Write Primitive: Increment as a write primitive
32:29Write Primitive: Increment as a write primitive
32:29Write Primitive: Increment as a write primitive
33:54Write Primitive: What is i?
33:54Write Primitive: What is i?
33:54Write Primitive: What is i?
34:36Write Primitive: Offsets
34:36Write Primitive: Offsets
34:36Write Primitive: Offsets
35:14Write Primitive: Can we control the popularity?
35:14Write Primitive: Can we control the popularity?
35:14Write Primitive: Can we control the popularity?
35:41Write Primitive: Linked lists manipulation
35:41Write Primitive: Linked lists manipulation
35:41Write Primitive: Linked lists manipulation
36:23Write Primitive: Overview
36:23Write Primitive: Overview
36:23Write Primitive: Overview
37:47Write Primitive: Summary
37:47Write Primitive: Summary
37:47Write Primitive: Summary
38:06Root Privileges
38:06Root Privileges
38:06Root Privileges
38:26task_struct
38:26task_struct
38:26task_struct
39:16Locating task_struct
39:16Locating task_struct
39:16Locating task_struct
40:33cred struct
40:33cred struct
40:33cred struct
42:04Root Privileges: Overview
42:04Root Privileges: Overview
42:04Root Privileges: Overview
43:03Summary
43:03Summary
43:03Summary
44:28Thank You!
44:28Thank You!
44:28Thank You!
⏬
Next: 'Low-Level Academy'
⏬