imisslsd

44CON uncovered

Published 21/06/2014 | By TMB

Presentation on system level vulnerabilities (as given at BT’s SnoopCon 2014). Continue reading →

Posted in Presentations | Tagged 44CON, conference, exploit, imisslsd, root, SnoopCon, UNIX

Memory Squatting: Attacks On System V Shared Memory

Published 13/11/2013 | By TMB

Rather than representing a definitive guide, this document represents a review of the specific security issues identified during Portcullis Computer Security Ltd’s recent research into System V shared memory segments and their usage. Continue reading →

Posted in Whitepapers | Tagged 44CON, analysis, exploit, imisslsd, UNIX

smaSHeM

Published 12/11/2013 | By TMB

smaSHeM is a System V shared memory segment manipulator. Continue reading →

Posted in Tools | Tagged 44CON, conference, exploit, imisslsd, UNIX

I miss LSD

Published 15/09/2013 | By TMB

Presentation on system level vulnerabilities (as given at 44CON 2013). Continue reading →

Posted in Presentations | Tagged 44CON, conference, exploit, imisslsd, root, UNIX

In the lab, popping CVE-2013-4011 for AIX 7.1…

Published 20/07/2013 | By TMB

Early this morning, whilst checking my mail, I saw an interesting advisory come out on one of the lists. The fact that it affects AIX 7.1 was particularly interesting because this is the most recent release. Unlike some of the other commercial UNIX vendors, IBM make their security patches nice and accessible, so I decided to take it for a spin. Continue reading →

Posted in Blog | Tagged AIX, analysis, CVE-2013-4011, exploit, imisslsd, root

UNIXSocketScanner

Published 31/01/2013 | By TMB

UNIXSocketScanner is a UNIX domain socket scanner. Continue reading →

Posted in Tools | Tagged 44CON, conference, imisslsd, UNIX