Message-ID: <20200418210501.GA21441@pi3.com.pl>
Date: Sat, 18 Apr 2020 23:05:01 +0200
From: Adam Zabrocki <pi3@....com.pl>
To: lkrg-users@...ts.openwall.com
Subject: Re: testing LKRG

Hi,

On Sat, Apr 18, 2020 at 07:01:29PM +0000, Mikhail Klementev wrote:
> Hello,
> 
> I have a collection of exploits: https://github.com/jollheef/lpe
> 
> It's based on the tool https://github.com/jollheef/out-of-tree
> 

Thanks Mikhail for the links and your work :)

> If you'll make an LKRG integration for the tool (it already has the
> ability to disable/enable mitigations), then you get the ability to
> test any exploits that already use out-of-tree.
> 
> On Sat, Apr 18, 2020 at 06:20:47PM +0000, Patrick Schleizer wrote:
> > Are there any tests that one could perform to check if LKRG is functional?
> > 
> > I.e. are there proof of concept exploits that still (and
> > will continue to) work against recent kernels? Maybe no longer
> > exploitable but still something LKRG would kill? Or some other method to
> > make LKRG do something?
> > 

I have a private repo of exploits against a vulnerable kernel module which I've
written (a basic one). However, it does not cover all of LKRG's functionality.
The rest I'm manually emulating under a debugger.

Thanks,
Adam

> > Background is I am wondering what LKRG would output to dmesg if an
> > actual exploit would be stopped with log_level 1 (or 0) and it's a bit
> > tedious to downgrade the kernel to run a documented proof of concept
> > exploit from that time.
> > 
> > Kind regards,
> > Patrick
> 
> -- 
> Mikhail Klementev,
> https://dumpstack.io

-- 
pi3 (pi3ki31ny) - pi3 (at) itsec pl
http://pi3.com.pl
