View Full Version : Exploiting with linux-gate.so.1

April 20th, 2006, 15:53

have a look at this paper:


it tells some nice way how to use linux-gate

regards, 0xf001

May 23rd, 2006, 02:29
hehe, that method is a bit out of date on later fedora core releases, as they randomise linux-gate.so.1 now (random mmap() base along with random library loading), and apparently fc5 has ssp enabled as well.. haven't looked too much @ fc5 yet, however.

Oh, and a plug for another project of mine: http://blacksun.labs.pulltheplug.org.

To copy and paste from the website:

blacksun is a PullThePlug wargame that is meant to help people learn more advanced exploitation techniques against hardened hosts and environments.

It is implemented by PaX patches, and the Hardened Gentoo project.

I need to get back to this and write some more levels / do some more stuff on it.

May 31st, 2006, 12:52
hi andrewg,

i have some deb boxes to play with it - and its a nice exercise

fedora does good work on security enhancements, i've realised that, olthough
i never "liked" red hat (for almost no real reason), and I don't like out of the
box kernels as well (for the same reason haha).

blacksun .... since i never can play with catalyst .... , that sounds like a good project to me, and quite a challenge reading about the security enhancements.

keep us informed!