Archive | Linux Hacking


17 April 2007 | 21,954 views

Damn Vulnerable Linux – DVL – IT-Security Attack and Defense

Damn Vulnerable Linux (DVL) is a Linux-based (modified Damn Small Linux) tool for IT-Security & IT-Anti-Security and Attack & Defense. It was initiated for training tasks during university lessons by the IITAC (International Institute for Training, Assessment, and Certification) and S²e – Secure Software Engineering in cooperation with the French Reverse Engineering Team. Damn Vulnerable [...]

Continue Reading


13 April 2007 | 100,409 views

BackTrack v2.0 – Hackers LiveCD Finally Released

BackTrack is the result of the merging of the two innovative penetration testing live linux distributions Auditor security collection and Whax. By combining the best features from both distributions and putting continous development energy, the most complete and finest security testing live distro was born: BackTrack BackTrack v.2.0 is finally released, it’s been a long [...]

Continue Reading


29 January 2007 | 15,865 views

Hacking your $60 Router into a $600 Router

This is a bit of hacking in the original sense of the word, taking a $60 router and giving it the capabilities of something costing in the hundreds or thousands (enterprise level). Of all the great DIY projects at this year’s Maker Faire, the one project that really caught my eye involved converting a regular [...]

Continue Reading


08 December 2006 | 9,546 views

Linux Reverse Engineering Hacker Challenge

The first round results of the Linux Reverse Engineering Hacker Challenge are out! http://www.hackerchallenge.org It was expected that an intermediate hacker with Linux experience should be able to defeat the protection(s) in less than 10 hours. Participants may earn up to $4100 USD. A total of 93 individuals registered to participate in the first Hacker [...]

Continue Reading


14 July 2006 | 15,328 views

Linux Kernel 2.6.x PRCTL Core Dump Handling – Local r00t Exploit ( BID 18874 / CVE-2006-2451 )

A working version of the exploit used to escalate privileges to root in the recent Debian breakin, ah another root kernel exploit. It’s to do with the way the kernel handles file permissions (or lack of) on core dumps. Linux kernel is prone to a local privilege-escalation vulnerability. A local attacker may gain elevated privileges [...]

Continue Reading


13 July 2006 | 5,739 views

Debian Development Machine ‘gluck’ Hacked!

Ah, I wonder what happened? I’ve always been a great fan of Debian, all the way back into the early days of woody and backporting apt packages. What a name too, gluck to me usually means g’luck or good luck ;) Early this morning we discovered that someone had managed to compromise gluck.debian.org. We’ve taken [...]

Continue Reading


10 May 2006 | 6,286 views

MORE Sendmail Problems – Signal Handling Vulnerability

OH MY GOD, NOT ANOTHER SENDMAIL FLAW? What’s that? Yah number 1001010102121. Recently, Mark Dowd of ISS discovered a signal handling vulnerability in Sendmail. We don’t see major bugs in software that’s as popular as Sendmail very often (at least, in the Unix world anyways), and that’s probably a good thing. According to sendmail.com, Sendmail [...]

Continue Reading


04 May 2006 | 12,802 views

Homeland Security Uncovers Critical Flaw in X11

An open-source security audit program funded by the U.S. Department of Homeland Security has flagged a critical vulnerability in the X Window System (X11) which is used in Unix and Linux systems. A missing parentheses in a bit of code is to blame. The error can grant a user root access, and was discovered using [...]

Continue Reading


15 April 2006 | 36,681 views

Some Good Tips to Secure Linux

I came across this while browsing, has some pretty solid stuff, goes deeper than most basic Linux security guides. It has some good sections like this on protection against fork bombs: Fork bombs are programs that keep creating child processes until system resources are all used, they actually aren’t remote exploits because they require a [...]

Continue Reading


23 March 2006 | 9,008 views

kArp – Linux Kernel Level ARP Hijacking/Spoofing Utility

Introduction kArp is a linux patch that allows one to implement ARP hijacking in the kernel, but control it easily via userland. You may configure, enable and disable kArp via ProcFS or the sysctl mechanism. kArp is implemented almost on the device driver level. Any ethernet driver (including 802.11 drivers) is supported. The kArp code [...]

Continue Reading