Kernel Exploitation

Software Exploitation.

You've taken your first steps into kernel exploitation with Kernel Security.

Are you ready to kick your knowledge up a notch to understand how real-world Linux kernel exploitation is done?

This module will provide you with the guide that you need to become an expert in Linux kernel exploitation.

Note 1: this is a kernel exploitation module, and requires you to run vm connect to drop into the virtual machine where the challenge is running. You can get logs using vm logs and (in Practice Mode) debug the kernel using vm debug.

Note 2: for technical reasons, we had to disable virtualization on this module. The VM will be slow --- consider doing heavy tasks like compiling in the normal workspace (e.g., in a terminal where you have not done vm connect).

Beginning Kernel Exploitation: https://lkmidas.github.io/posts/20210123-linux-kernel-pwn-part-1/
Kernel ROP (necessary): https://lkmidas.github.io/posts/20210128-linux-kernel-pwn-part-2/
RetSpill Exploitation Technique Paper: https://adamdoupe.com/publications/retspill-ccs2023.pdf
RetSpill Exploitation Technique Demo: https://github.com/sefcom/RetSpill
CVE-2021-22555 (important): https://google.github.io/security-research/pocs/linux/cve-2021-22555/writeup.html