mirror of
https://github.com/h3xduck/TripleCross.git
synced 2025-12-24 18:33:08 +08:00
Continued with offensive capabilities, incorporated security features and started with tracing program features
This commit is contained in:
h3xduck
@@ -152,6 +152,7 @@
|
||||
\strng{authorbibnamehash}{5142e68c748eb70cb619b21160eb7f72}
|
||||
\strng{authornamehash}{5142e68c748eb70cb619b21160eb7f72}
|
||||
\strng{authorfullhash}{5142e68c748eb70cb619b21160eb7f72}
|
||||
\field{extraname}{1}
|
||||
\field{sortinit}{2}
|
||||
\field{sortinithash}{ed39bb39cf854d5250e95b1c1f94f4ed}
|
||||
\field{labelnamesource}{author}
|
||||
@@ -812,14 +813,17 @@
|
||||
\field{sortinithash}{5dd416adbafacc8226114bc0202d5fdd}
|
||||
\field{labelnamesource}{author}
|
||||
\field{labeltitlesource}{title}
|
||||
\field{day}{30}
|
||||
\field{month}{6}
|
||||
\field{title}{Bounded loops in BPF for the 5.3 kernel}
|
||||
\field{year}{2019}
|
||||
\field{dateera}{ce}
|
||||
\verb{urlraw}
|
||||
\verb https://lwn.net/Articles/794934/
|
||||
\endverb
|
||||
\verb{url}
|
||||
\verb https://lwn.net/Articles/794934/
|
||||
\endverb
|
||||
\warn{\item Entry 'ebpf_bounded_loops' (bibliography/bibliography.bib): Invalid format '2019-06-31' of date field 'date' - ignoring}
|
||||
\endentry
|
||||
\entry{ebpf_maps_kernel}{manual}{}
|
||||
\field{sortinit}{5}
|
||||
@@ -1149,6 +1153,170 @@
|
||||
\verb https://facebookmicrosites.github.io/bpf/blog/2020/02/19/bpf-portability-and-co-re.html
|
||||
\endverb
|
||||
\endentry
|
||||
\entry{ubuntu_caps}{manual}{}
|
||||
\field{sortinit}{8}
|
||||
\field{sortinithash}{1b24cab5087933ef0826a7cd3b99e994}
|
||||
\field{labeltitlesource}{title}
|
||||
\field{title}{capabilities - overview of Linux capabilities}
|
||||
\verb{urlraw}
|
||||
\verb http://manpages.ubuntu.com/manpages/trusty/man7/capabilities.7.html
|
||||
\endverb
|
||||
\verb{url}
|
||||
\verb http://manpages.ubuntu.com/manpages/trusty/man7/capabilities.7.html
|
||||
\endverb
|
||||
\endentry
|
||||
\entry{evil_ebpf_p9}{proceedings}{}
|
||||
\name{author}{1}{}{%
|
||||
{{hash=5142e68c748eb70cb619b21160eb7f72}{%
|
||||
family={Dileo},
|
||||
familyi={D\bibinitperiod},
|
||||
given={Jeff},
|
||||
giveni={J\bibinitperiod}}}%
|
||||
}
|
||||
\list{institution}{1}{%
|
||||
{NCC Group}%
|
||||
}
|
||||
\list{organization}{1}{%
|
||||
{DEFCON 27}%
|
||||
}
|
||||
\strng{namehash}{5142e68c748eb70cb619b21160eb7f72}
|
||||
\strng{fullhash}{5142e68c748eb70cb619b21160eb7f72}
|
||||
\strng{bibnamehash}{5142e68c748eb70cb619b21160eb7f72}
|
||||
\strng{authorbibnamehash}{5142e68c748eb70cb619b21160eb7f72}
|
||||
\strng{authornamehash}{5142e68c748eb70cb619b21160eb7f72}
|
||||
\strng{authorfullhash}{5142e68c748eb70cb619b21160eb7f72}
|
||||
\field{extraname}{2}
|
||||
\field{sortinit}{8}
|
||||
\field{sortinithash}{1b24cab5087933ef0826a7cd3b99e994}
|
||||
\field{labelnamesource}{author}
|
||||
\field{eventtitle}{Evil eBPF Practical Abuses of an In-Kernel Bytecode Runtime}
|
||||
\field{pages}{9}
|
||||
\range{pages}{1}
|
||||
\verb{urlraw}
|
||||
\verb https://raw.githubusercontent.com/nccgroup/ebpf/master/talks/Evil_eBPF-DC27-v2.pdf
|
||||
\endverb
|
||||
\verb{url}
|
||||
\verb https://raw.githubusercontent.com/nccgroup/ebpf/master/talks/Evil_eBPF-DC27-v2.pdf
|
||||
\endverb
|
||||
\endentry
|
||||
\entry{ebpf_caps_intro}{online}{}
|
||||
\field{sortinit}{8}
|
||||
\field{sortinithash}{1b24cab5087933ef0826a7cd3b99e994}
|
||||
\field{labeltitlesource}{title}
|
||||
\field{title}{[PATCH v7 bpf-next 1/3] bpf, capability: Introduce CAP\_BPF}
|
||||
\verb{urlraw}
|
||||
\verb https://lore.kernel.org/bpf/20200513230355.7858-2-alexei.starovoitov@gmail.com/
|
||||
\endverb
|
||||
\verb{url}
|
||||
\verb https://lore.kernel.org/bpf/20200513230355.7858-2-alexei.starovoitov@gmail.com/
|
||||
\endverb
|
||||
\endentry
|
||||
\entry{ebpf_caps_lwn}{online}{}
|
||||
\field{sortinit}{8}
|
||||
\field{sortinithash}{1b24cab5087933ef0826a7cd3b99e994}
|
||||
\field{labeltitlesource}{title}
|
||||
\field{title}{capability: introduce CAP\_BPF and CAP\_TRACING}
|
||||
\verb{urlraw}
|
||||
\verb https://lwn.net/Articles/797807/
|
||||
\endverb
|
||||
\verb{url}
|
||||
\verb https://lwn.net/Articles/797807/
|
||||
\endverb
|
||||
\endentry
|
||||
\entry{unprivileged_ebpf}{online}{}
|
||||
\field{sortinit}{8}
|
||||
\field{sortinithash}{1b24cab5087933ef0826a7cd3b99e994}
|
||||
\field{labeltitlesource}{title}
|
||||
\field{title}{Reconsidering unprivileged BPF}
|
||||
\verb{urlraw}
|
||||
\verb https://lwn.net/Articles/796328/
|
||||
\endverb
|
||||
\verb{url}
|
||||
\verb https://lwn.net/Articles/796328/
|
||||
\endverb
|
||||
\endentry
|
||||
\entry{cve_unpriv_ebpf}{online}{}
|
||||
\field{sortinit}{8}
|
||||
\field{sortinithash}{1b24cab5087933ef0826a7cd3b99e994}
|
||||
\field{labeltitlesource}{title}
|
||||
\field{title}{CVE-2021-4204: Linux Kernel eBPF Improper Input Validation Vulnerability}
|
||||
\verb{urlraw}
|
||||
\verb https://www.openwall.com/lists/oss-security/2022/01/11/4
|
||||
\endverb
|
||||
\verb{url}
|
||||
\verb https://www.openwall.com/lists/oss-security/2022/01/11/4
|
||||
\endverb
|
||||
\endentry
|
||||
\entry{unpriv_ebpf_ubuntu}{online}{}
|
||||
\field{sortinit}{8}
|
||||
\field{sortinithash}{1b24cab5087933ef0826a7cd3b99e994}
|
||||
\field{labeltitlesource}{title}
|
||||
\field{title}{Unprivileged eBPF disabled by default for Ubuntu 20.04 LTS, 18.04 LTS, 16.04 ESM}
|
||||
\verb{urlraw}
|
||||
\verb https://discourse.ubuntu.com/t/unprivileged-ebpf-disabled-by-default-for-ubuntu-20-04-lts-18-04-lts-16-04-esm/27047
|
||||
\endverb
|
||||
\verb{url}
|
||||
\verb https://discourse.ubuntu.com/t/unprivileged-ebpf-disabled-by-default-for-ubuntu-20-04-lts-18-04-lts-16-04-esm/27047
|
||||
\endverb
|
||||
\endentry
|
||||
\entry{unpriv_ebpf_suse}{online}{}
|
||||
\field{sortinit}{8}
|
||||
\field{sortinithash}{1b24cab5087933ef0826a7cd3b99e994}
|
||||
\field{labeltitlesource}{title}
|
||||
\field{title}{Security Hardening: Use of eBPF by unprivileged users has been disabled by default}
|
||||
\verb{urlraw}
|
||||
\verb https://www.suse.com/support/kb/doc/?id=000020545
|
||||
\endverb
|
||||
\verb{url}
|
||||
\verb https://www.suse.com/support/kb/doc/?id=000020545
|
||||
\endverb
|
||||
\endentry
|
||||
\entry{unpriv_ebpf_redhat}{online}{}
|
||||
\field{sortinit}{8}
|
||||
\field{sortinithash}{1b24cab5087933ef0826a7cd3b99e994}
|
||||
\field{labeltitlesource}{title}
|
||||
\field{title}{CVE-2022-0002}
|
||||
\verb{urlraw}
|
||||
\verb https://access.redhat.com/security/cve/cve-2021-4001
|
||||
\endverb
|
||||
\verb{url}
|
||||
\verb https://access.redhat.com/security/cve/cve-2021-4001
|
||||
\endverb
|
||||
\endentry
|
||||
\entry{8664_params_abi}{manual}{}
|
||||
\name{author}{1}{}{%
|
||||
{{hash=871f02558cb7234c22cde24811cf53a7}{%
|
||||
family={al.},
|
||||
familyi={a\bibinitperiod},
|
||||
given={H.J.\bibnamedelimi Lu},
|
||||
giveni={H\bibinitperiod\bibinitdelim L\bibinitperiod},
|
||||
prefix={et},
|
||||
prefixi={e\bibinitperiod}}}%
|
||||
}
|
||||
\strng{namehash}{871f02558cb7234c22cde24811cf53a7}
|
||||
\strng{fullhash}{871f02558cb7234c22cde24811cf53a7}
|
||||
\strng{bibnamehash}{871f02558cb7234c22cde24811cf53a7}
|
||||
\strng{authorbibnamehash}{871f02558cb7234c22cde24811cf53a7}
|
||||
\strng{authornamehash}{871f02558cb7234c22cde24811cf53a7}
|
||||
\strng{authorfullhash}{871f02558cb7234c22cde24811cf53a7}
|
||||
\field{sortinit}{9}
|
||||
\field{sortinithash}{54047ffb55bdefa0694bbd554c1b11a0}
|
||||
\field{labelnamesource}{author}
|
||||
\field{labeltitlesource}{title}
|
||||
\field{day}{28}
|
||||
\field{month}{1}
|
||||
\field{title}{System V Application Binary Interface AMD64 Architecture Processor Supplement}
|
||||
\field{year}{2018}
|
||||
\field{dateera}{ce}
|
||||
\field{pages}{148}
|
||||
\range{pages}{1}
|
||||
\verb{urlraw}
|
||||
\verb https://raw.githubusercontent.com/wiki/hjl-tools/x86-psABI/x86-64-psABI-1.0.pdf
|
||||
\endverb
|
||||
\verb{url}
|
||||
\verb https://raw.githubusercontent.com/wiki/hjl-tools/x86-psABI/x86-64-psABI-1.0.pdf
|
||||
\endverb
|
||||
\endentry
|
||||
\enddatalist
|
||||
\endrefsection
|
||||
\endinput
|
||||
|
||||
Reference in New Issue
Block a user