
Ech0

Write-up: ActiveX controller exploitation

1. Introduction

Warning: This post is intended for intermediate or experienced readers, as I will not explain the basics of reverse engineering or exploitation. This is probably the longest write-up you’ll see on this blog. The reason is simple: I will show the whole process, from vulnerability research to full exploitation of a Windows OCX controller, including the dead ends (which are very interesting). I will go from a simple CVE number, with no existing public exploit and not much information on the internet, to finding the vulnerability and exploiting it to run arbitrary code on the operating system.

How to start in cybersecurity

Everyone in this community was once a beginner, and it is usually a hard field to get into if you are not guided. I will try to guide you through this article and give you some tips to start your cybersecurity journey. This article is for beginners.

1. The mindset

First of all, before even talking about how and where to begin, you should answer this question: why? Typically: why do you want to learn cybersecurity?

Packing: Dropping from resources

Warning: The knowledge in this article is for strictly educational purposes. You are not allowed to use these tools or techniques for malicious purposes: it is immoral and illegal. If you’re not sure what you’re doing, don’t. I cannot be held responsible for any misuse you may make of this knowledge. In this new series of articles, “packing”, I will present various key techniques used by packers.

Kernel: Module development

We have previously seen how to develop a system call and integrate it into the Linux kernel. Now we will look at another way of running code in ring 0 (kernel-land): the Linux module system.

Note: Don’t worry, it is totally different from a system call, both in how it works and in how to integrate and test it. There are plenty of new concepts to learn here and no overlap with the article on system calls.

Kernel: System call development

In this article we will see how to:
- Develop a syscall in C
- Compile it with the Linux kernel
- Register it in the syscall table
- Call it from user-land
In other words: we will add our own syscall to the Linux kernel.

1. Prerequisites

If you want to follow the development and test it yourself, there are a few prerequisites:
- An operating system running a relatively recent Linux kernel
- The usual development tools (gcc, make, …)
- A text editor (vim, VSCode, …)

Warning: In order to test the system call we will recompile the current Linux kernel and boot on it.
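The last of those steps, calling the new syscall from user-land, is where a first attempt usually fails silently: you boot the old kernel, or the table entry is missing, and the call simply errors out. The probe below is an added example, not code from the article. It calls a syscall by number through the libc wrapper syscall(2) and uses the kernel's own convention to tell the cases apart: an empty or out-of-range slot returns -ENOSYS, whereas a registered syscall that fails returns its own negated errno. The number 999999 is a constructed placeholder for an unregistered slot; replace it with the number you assigned when you registered your entry.

```c
/* Added example (not from the article): probe a syscall by number from user-land.
 * Build and run: gcc -Wall probe.c -o probe && ./probe 999999
 */
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/syscall.h>
#include <unistd.h>

/* Invoke syscall number `nr` with no arguments.
 * Returns the kernel's result; on failure returns the negated errno
 * (the convention the kernel uses internally), so -ENOSYS means
 * "no such entry in the syscall table", not "the syscall ran and failed". */
long probe_syscall(long nr)
{
    errno = 0;
    long ret = syscall(nr);
    if (ret == -1 && errno != 0)
        return -(long)errno;
    return ret;
}

/* Classify a probe: 1 = registered and ran, 0 = not registered (ENOSYS),
 * -1 = registered but returned an error of its own. */
int syscall_status(long nr)
{
    long r = probe_syscall(nr);
    if (r == -ENOSYS)
        return 0;
    if (r < 0)
        return -1;
    return 1;
}

int main(int argc, char **argv)
{
    /* 999999 is a constructed placeholder for a slot that is not registered. */
    long nr = argc > 1 ? strtol(argv[1], NULL, 0) : 999999L;
    long r = probe_syscall(nr);

    if (r == -ENOSYS)
        printf("syscall %ld: not registered (ENOSYS). Check the table entry and that you booted the rebuilt kernel.\n", nr);
    else if (r < 0)
        printf("syscall %ld: registered, but returned errno %ld\n", nr, -r);
    else
        printf("syscall %ld: returned %ld\n", nr, r);
    return 0;
}
```

Run it once with a known number such as SYS_getpid to confirm the probe itself works, then with your new number: ENOSYS after a reboot almost always means the table entry or the kernel image is not the one you think it is.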