Category: Linux Kernel Hacking

On any Operating System (OS) there are normally different levels of permission based on where in memory (and where on the hardware architechture) your application is running. These permission levels are known as ring 3, 2, 1, 0, -1, -2 and -3. You can imagine it as an onion with the rings getting smaller as the permissions get higher. The inner most ring being ring -3 and outter most ring being ring 3 meaning ring 3 has the lowest permission level and ring -3 has the highest permission level.

At each ring we have:

3: normal user applications (known as userland)

1 & 2: meant to be used for device drivers (LKM's) that need different levels of permission but most OS's don't implement them here

0: kernel code (kernelland) and on most OS's device drivers (LKM's)

-1: the bois (motherboard firmware)

-2: some graphics firmware

-3: IMPI or similar if avaiable

When root access is gained the first step is to try and maintain it, one of the best ways to do this is by getting your own code to run in ring 0 (kernelland), or lower. This is achievable using a loadable kernel module (LVM). Here we will learn how to create one for Linux and how to make them do fun things, during which we'll explore the Linux kernel itself.

Exploit dot PH

Application exploitation from the ground up.

recent

Linux Kernel Hacking

2014

Rootkit for Hiding Files

System Call Hooking

A Simple Character Device

First LKM