The multitudinous varieties of attacks that can affect OSs are hard to keep up with, but recently I wanted to test some Linux kernel exploits to keep up with my interest in ethical hacking. Such attacks often occur once access has been gained to a system. They are sometimes used in order to achieve privilege escalation – in other words, to boost a non-root user's privileges to the level of the root user in order to gain full control of the system.
It is easy to become content with the kernel you are running and forget to install all the updates and upgrade the system when the kernel is no longer supported. Many users install long-term support (LTS) Linux systems and get so used to them after five years that they aren't in a hurry to upgrade when the service cycle ends.
This article will introduce you to some techniques intruders use to attack old kernels, and, in case you ever had any doubts, it should convince you to never fall behind on those kernel patches and updates.
To test these exploits, I needed a lab that wouldn’t cause me any associated security concerns. In this article, I’ll show you how to set up a flexible but simple lab that you can easily re-use and archive through snapshots to save your progress. Then, I’ll demonstrate how to run a kernel exploit against a vulnerable machine and, finally, how to install much older versions of the Linux kernel that you can boot into, so you can pick and choose which known vulnerabilities to practice against. It should go without saying: Only use these tools and methods on systems that you own or that you have been explicitly given permission to test against.
This story is from the #285/August 2024: Kernel Exploits edition of Linux Magazine.
Start your 7-day Magzter GOLD free trial to access thousands of curated premium stories, and 9,000+ magazines and newspapers.
Already a subscriber ? Sign In
This story is from the #285/August 2024: Kernel Exploits edition of Linux Magazine.
Start your 7-day Magzter GOLD free trial to access thousands of curated premium stories, and 9,000+ magazines and newspapers.
Already a subscriber? Sign In
Tracking your finances with plain text accounting Plain Numbers
If you're tired of tinkering with spreadsheets, using hledger and plain text accounting offers a simpler method for managing your finances without vendor lock-in
Dependency resolution with apt-get and apt Evolutionary Tale
Over the past 30 years, the apt family has played an important role in dependency resolution for Debian distros.
Cryptomining with Litecoin Traveling Lite
Although not as popular as headliners like Bitcoin and Ethereum, Litecoin is one of the oldest crytocurrencies, and it offers some useful features, such as dual-mining with Dogecoin.
Software Update SnoopGod
SnoopGod delivers an Ubuntu-based pentesting distribution with an emphasis on security education.
Kernel Trouble
This deep look at how intruders attack an out-of-date kernel should be enough to convince you of the need to stay vigilant.
Using Wake-on-LAN for a NAS backup Power Saver
Put your backup server to sleep when you don't need it and then wake it on demand using the Wake-on-LAN feature built into network adapters.
Time Travel
Mike Schilli uses a Go program to check whether a strategy for trading stocks is making gains or losses on the basis of historical price data.
URL filtering with Pi-hole Into the Funnel
Supporting browser plug-ins, network-based DNS blockers like Pi-hole help protect you against online tracking and unwanted content.
Artificial intelligence on the Raspberry Pi Learning Experience
You don't need a powerful computer system to use Al. We show what it takes to benefit from Al on the Raspberry Pi and what tasks the small computer can handle.
MakerSpace Manage your greenhouse with a Raspberry Pi Pico W Sheltered Growth
You can safely assign some greenhouse tasks to a Raspberry Pi Pico W, such as controlling ventilation, automating a heater, and opening and closing windows.