How SUDO on Linux was HACKED! // CVE-2021-3156

Video description: How SUDO on Linux was HACKED! // CVE-2021-3156

The most comprehensive video covering the sudo vulnerability CVE-2021-3156 Baron Samedit. I spent two weeks on rediscovering, analysing and exploiting the sudoedit heap overflow. We will talk about fuzzing, code review, exploit strategies, heap feng shui and developing the exploit.

https://liveoverflow.com/support

Article: https://liveoverflow.com/critical-sud...

Binary Exploitation Playlist: • Binary Exploitation / Memory Corrupti...
PwnFunction's Binary Exploitation Playlist: • Binary Exploitation

Full CVE-2021-3156 Advisory: https://packetstormsecurity.com/files...
Qualys Blog: https://blog.qualys.com/vulnerabiliti...
milek7's blog on fuzzing sudo: https://milek7.pl/howlongsudofuzz/

00:00 - Intro and Motivation
01:33 - afl: Fuzzing argv[]
03:22 - afl: sudo vs. sudoedit
04:27 - afl: Fuzzing setuid Process
06:49 - Fuzzing Conclusion
07:11 - Code Review: Identify Risky Code Through Isolation
09:39 - Code Review: Bypass Safe Conditions
11:15 - Exploit Strategy: Modern Mitigations
12:25 - The service_user Object Overwrite Technique
13:48 - Heap Feng Shui via Environment Variables
14:57 - Bruteforce Script to Find Exploitable Conditions
15:39 - Find and Analyse Useful Crashes
16:31 - Exploitability Analysis Conclusion
17:13 - Qualys Researchers Knew nss From Stack Clash
17:47 - Sudoedit Exploitable on macOS?
18:32 - Research Conclusion
19:27 - Outro

=[ ❤️ Support ]=

→ per Video: / liveoverflow
→ per Month: / @liveoverflow

=[ 🐕 Social ]=

→ Twitter: / liveoverflow
→ Website: https://liveoverflow.com/
→ Subreddit: / liveoverflow
→ Facebook: / liveoverflow
