In this post I will cover briefly how to modify the memory of running process in real-time. The example chosen for this demonstration is simple. The main purpose is to show the approach rather than make it look sophisticated. However, you can take it as far as you wish, depending on your objectives. In future… Continue reading Targeted process injection – Linux
Category: Research
exploit development and other research
CVE-2021-3156 Sudo Heap-based buffer overflow exploit
Key facts The CVE-2021-3156 vulnerability in sudo is an interesting heap-based buffer overflow condition that allows for privilege escalation on Linux and Mac systems, if the vulnerability is exploited successfully. The bug in sudo was disclosed by Qualys researchers on their blog/website which you can find here. All relevant details are listed there. Further technical… Continue reading CVE-2021-3156 Sudo Heap-based buffer overflow exploit