Archive for the ‘Linux hacking’ Category
Posted in Amazon AWS, Cloud hosting, docker, Google Cloud, hacking news, how to hack linux, Kubernetes, linux, linux container, Linux hacking, redhat linux, SELinux, Suse Linux, Virtualization software | Comments (0)
WikiLeaks has just published a new set of classified documents linked to another CIA project, dubbed ‘Imperial,’ which reveals details of at least three CIA-developed hacking tools and implants designed to target computers running Apple Mac OS X and different flavours of Linux operating systems.
If you are a regular reader of THN, you must be aware that this latest revelation by the
Another dangerous vulnerability has been discovered in Linux kernel that dates back to 2009 and affects a large number of Linux distros, including Red Hat, Debian, Fedora, OpenSUSE, and Ubuntu.
The latest Linux kernel flaw (CVE-2017-2636), which existed in the Linux kernel for the past seven years, allows a local unprivileged user to gain root privileges on affected systems or cause a denial
Posted in Buffer Overflow, double free vulnerability, how to hack linux, Linux hacking, Linux kernel, Linux kernel exploit, Linux Vulnerability, memory corruption vulnerability, Vulnerability | Comments (0)
A 5-year-old serious privilege-escalation vulnerability has been discovered in Linux kernel that affects almost every distro of the Linux operating system, including Redhat, and Ubuntu.
Over a month back, a nine-year-old privilege-escalation vulnerability, dubbed “Dirty COW,” was discovered in the Linux kernel that affected every distro of the open-source operating system, including Red Hat,
A hacker with little more than a minute can bypass the authentication procedures on some Linux systems just by holding down the Enter key for around 70 seconds.
The result? The act grants the hacker a shell with root privileges, which allows them to gain complete remote control over encrypted Linux machine.
The security issue relies due to a vulnerability (CVE-2016-4484) in the
An estimated 80 percent of Android smartphones and tablets running Android 4.4 KitKat and higher are vulnerable to a recently disclosed Linux kernel flaw that allows hackers to terminate connections, spy on unencrypted traffic or inject malware into the parties’ communications.
Even the latest Android Nougat Preview is considered to be vulnerable.
<!– adsense –>
The security flaw was first
A highly critical vulnerability has been uncovered in the GNU C Library (glibc), a key component of most Linux distributions, that leaves nearly all Linux machines, thousands of apps and electronic devices vulnerable to hackers that can take full control over them.
How Does the Flaw Work?
Affected Software and Devices
- Virtually all distributions of Linux.
- Programming languages such as the Python, PHP, and Ruby on Rails.
- Many others that use Linux code to lookup the numerical IP address of an Internet domain.
- Most Bitcoin software is reportedly vulnerable, too.
Who are Not Affected
Where glibc went Wrong
“glibc reserves 2048 bytes in the stack through alloca() for the DNS answer at _nss_dns_gethostbyname4_r() for hosting responses to a DNS query. Later on, at send_dg() and send_vc(), if the response is larger than 2048 bytes, a new buffer is allocated from the heap and all the information (buffer pointer, new buffer size and response size) is updated.”
“Under certain conditions a mismatch between the stack buffer and the new heap allocation will happen. The final effect is that the stack buffer will be used to store the DNS response, even though the response is larger than the stack buffer and a heap buffer was allocated. This behavior leads to the stack buffer overflow.”
Proof-of-Concept Exploit Released
Patch glibc Vulnerability
Security researchers have find out ways to hijack the Intel-compatible PCs running Linux by exploiting the physical weaknesses in certain varieties of DDR DRAM (double data rate dynamic random-access memory) chips and gaining higher kernel privileges on the system.
The technique, dubbed “rowhammer”, was outlined in a blog post published Monday by Google’s Project Zero security initiative
Posted in DRAM RowHammer Vulnerability, hacking news, Kernel Privilege Escalation, Linux hacking, memory bit flipping, memory hack, RAM hacking, sandbox bypass, Vulnerability, Zero-Day Vulnerability | Comments (0)