Summary

Total Articles Found: 4

Top sources:

Top Keywords:

Top Authors

Top Articles:

  • ABSTRACT SHIMMER (CVE-2020-15257): Host Networking is root-Equivalent, Again
  • Tool Release – insject: A Linux Namespace Injector
  • Tool Release – shouganaiyo-loader: A Tool to Force JVM Attaches
  • Some Musings on Common (eBPF) Linux Tracing Bugs

Tool Release – insject: A Linux Namespace Injector

Published: 2022-01-08 05:20:06

Popularity: None

Author: Jeff Dileo

Keywords:

  • Research
  • Tool Release
  • Virtualization, Emulation, & Containerization
  • Containers
  • injection
  • LD_PRELOAD
  • Linux namespaces
  • yolo
  • 🤖: "Linux namespace party"

    tl;dr Grab the release binary from our repo and have fun. Also, happy new year; 2021 couldn’t end soon enough. Background A while back, I was asked by one of my coworkers on the PSC team about ways in which to make their custom credit card data scanner cloud native to assess Kubernetes clusters. While … Continue reading Tool Release – insject: A Linux Namespace Injector →

    ...more

    Tool Release – shouganaiyo-loader: A Tool to Force JVM Attaches

    Published: 2021-12-29 22:38:00

    Popularity: None

    Author: Jeff Dileo

    Keywords:

  • Research
  • Tool Release
  • 🤖: "Java crashes again"

    Background Java Virtual Machines (JVMs) provide a number of mechanisms to inspect and modify the Java applications and the runtime they stand on. These include Java agents, JARs that are capable of modifying Java class files at runtime; and JVMTI agents, native libraries that can perform deep hooking into the innards of the JVM itself. … Continue reading Tool Release – shouganaiyo-loader: A Tool to Force JVM Attaches →

    ...more

    Some Musings on Common (eBPF) Linux Tracing Bugs

    Published: 2021-08-06 04:54:28

    Popularity: None

    Author: Jeff Dileo

    Keywords:

  • Research
  • eBPF
  • Linux kernel
  • Linux kernel tracing
  • system observability
  • tracee
  • Having been in the game of auditing kprobe-based tracers for the past couple of years, and in light of this upcoming DEF CON on eBPF tracer race conditions (which you should go watch) being given by a friend of mine from the NYU(-Poly) (OSIR)IS(IS) lab, I figured I would wax poetic on some of the … Continue reading Some Musings on Common (eBPF) Linux Tracing Bugs →

    ...more

    ABSTRACT SHIMMER (CVE-2020-15257): Host Networking is root-Equivalent, Again

    This post is a technical discussion of the underlying vulnerability of CVE-2020-15257, and how it can be exploited. Our technical advisory on this issue is available here, but this post goes much further into the process that led to finding the issue, the practicalities of exploiting the vulnerability itself, various complications around fixing the issue, … Continue reading ABSTRACT SHIMMER (CVE-2020-15257): Host Networking is root-Equivalent, Again →

    ...more

    end