CENSUS was one of the sponsors of FOSSCOMM 2018, the annual free and open source communities conference, that took place this year in Heraklion, Crete. CENSUS participated in the conference with a two part presentation on Program Instrumentation.
The recent key reinstallation attacks (KRACK) against the WPA2 protocol revealed how an adversary can easily eavesdrop, and in some cases
tamper, a Wi-Fi connection secured by the WPA2 protocol. At the same
time, Wi-Fi automatic association attacks achieve a similar result
(man-in-the-middle position) not by attacking the WPA2 protocol directly
but by enforcing Wi-Fi clients to join a rogue Access Point.
Hello, my name is Nikos Naziridis and I am a security researcher at CENSUS.
In this post, I will present how SystemTap and kernel instrumentation
in general, could be used to aid the process of determining
the exploitability of unbound memory overflows and the detection of
thread race condition bugs.
In anticipation of Dan Rosenberg’s talk on exploiting the Linux kernel’s SLOB memory allocator at the Infiltrate security conference and because I recently had a discussion with some friends about the different kernel memory allocators in Linux, I decided to write this quick introduction. I will present some of the allocators’ characteristics and also provide references to public work on exploitation techniques.