Advanced developers' Linux Kernel Data-Structures tutorial with my friend Kiran Kankipati
http://the-linux-channel.the-toffee-project.org/index.php?page=15-links-kernel-data-structures
Why does a compiler sometimes generate faster code than handcrafted assembly?
https://stackoverflow.com/questions/40354978/why-is-this-c-code-faster-than-my-hand-written-assembly-for-testing-the-collat
Stack Overflow
Why does C++ code for testing the Collatz conjecture run faster than hand-written assembly?
I wrote these two solutions for Project Euler Q14, in assembly and in C++. They implement identical brute force approach for testing the Collatz conjecture. The assembly solution was assembled with...
CVE-2017-17712 net/ipv4/raw.c: raw_sendmsg() race condition
####### BUG DETAILS ############
in net/ipv4/raw.c:
static int raw_sendmsg(struct sock *sk, struct msghdr *msg, size_t len)
{
...
    struct raw_frag_vec rfv; [1]
...
...
    if (!inet->hdrincl) { [2]
        rfv.msg = msg;
        rfv.hlen = 0;
        err = raw_probe_proto_opt(&rfv, &fl4);
        if (err)
            goto done;
    }
...
...
    if (inet->hdrincl) [3]
        err = raw_send_hdrinc(sk, &fl4, msg, len,
                              &rt, msg->msg_flags, &ipc.sockc);
    else {
        sock_tx_timestamp(sk, ipc.sockc.tsflags, &ipc.tx_flags);
        if (!ipc.addr)
            ipc.addr = fl4.daddr;
        lock_sock(sk);
        err = ip_append_data(sk, &fl4, raw_getfrag,
                             &rfv, len, 0, [4]
                             &ipc, &rt, msg->msg_flags);
...
}
[1] rfv is not initialized and contains a pointer to a msghdr header structure.
[2], [3] There are multiple checks against inet->hdrincl without a lock.
When we achieve (by racing inet->hdrincl via setsockopt()) inet->hdrincl=1 in [1], and inet->hdrincl=0 in [2], the rfv variable remains uninitialized and is used in [4].
By spraying the stack with controlled user data, we can take control of the msg pointer, which is used later in ip_append_data().
Fixed here: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=8f659a03a0ba9289b9aeb9b4470e6fb263d6f483
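The unlocked double check described above, reduced to a deterministic user-space model. This is an added example, not kernel code and not part of the original advisory. The model_* types, read_hdrincl(), flip_after and the snapshot switch are constructed for illustration; with snapshot set, both decisions use one fetched value and the uninitialized-use outcome cannot occur.

```c
#include <stdbool.h>
#include <stdio.h>

/* Constructed user-space stand-ins; these are not the kernel's types. */
struct model_sock { int hdrincl; int reads; int flip_after; };
struct model_frag_vec { const void *msg; int hlen; bool initialized; };
enum outcome { SENT_HDRINC, APPEND_OK, APPEND_UNINIT };

/* One fetch of the flag. A concurrent setsockopt() is modelled by toggling
 * the flag just before fetch number flip_after (0-based; -1 means never). */
static int read_hdrincl(struct model_sock *sk)
{
    if (sk->reads++ == sk->flip_after)
        sk->hdrincl = !sk->hdrincl;
    return sk->hdrincl;
}

/* snapshot == false: the flag is fetched again for the second check, as in
 * the listing. snapshot == true: both checks use the value fetched once. */
enum outcome model_sendmsg(struct model_sock *sk, const void *msg, bool snapshot)
{
    struct model_frag_vec rfv = { .initialized = false }; /* "stack garbage" */
    int hdrincl = read_hdrincl(sk);

    if (!hdrincl)                       /* first check: set up rfv */
        rfv = (struct model_frag_vec){ msg, 0, true };
    if (!snapshot)
        hdrincl = read_hdrincl(sk);     /* racy second fetch */
    if (hdrincl)                        /* second check: pick the send path */
        return SENT_HDRINC;
    return rfv.initialized ? APPEND_OK : APPEND_UNINIT;
}

/* Sweep both initial flag values and every toggle position; count the runs
 * in which the append path would consume an rfv that was never set up. */
int count_uninit(bool snapshot)
{
    int hits = 0;
    for (int initial = 0; initial <= 1; initial++)
        for (int flip = -1; flip <= 2; flip++) {
            struct model_sock sk = { initial, 0, flip };
            hits += model_sendmsg(&sk, "payload", snapshot) == APPEND_UNINIT;
        }
    return hits;
}

int main(void)
{
    printf("double fetch: %d, snapshot: %d\n", count_uninit(false), count_uninit(true));
    return 0;
}
```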
The 2017 SANS Holiday Hack Challenge
https://holidayhackchallenge.com/2017/
Docker container for django development in Ubuntu 17.10 #Tutorial
https://github.com/raminfp/docker_django
GitHub
raminfp/docker_django
docker_django - Docker container for django development in Ubuntu 17.10
Ransomware Decryption Tools Link List (in Persian)
https://cysec-co.com/ir/ransomware-decryption-tools
Cysec-Co
Ransomware decryption tool bank - recover your data for free
What do you do if your computer is infected with ransomware? Do you pay, or do you look for a ransomware decryption tool? If you intend to give in to the ransom