Date: Sat, 28 Apr 2018 11:52:50 -0400 From: Yonas Yanfa <yonas@fizk.net> To: "Peter G." <freebsd@disroot.org>, grarpamp@gmail.com, freebsd-security@freebsd.org Cc: freebsd-hackers@freebsd.org, freebsd-questions@freebsd.org Subject: Re: Exploit Lecture: Writing FreeBSD Malware Message-ID: <c985fb3d-321c-5aca-be2d-8b089c1c2420@fizk.net> In-Reply-To: <e4d9c81d-5d08-572d-7252-36929d050d02@disroot.org> References: <CAD2Ti28qjyTsiGggPRNSqLFynrC6rTkVXLi2yuVz6pt4Yj_vuw@mail.gmail.com> <e4d9c81d-5d08-572d-7252-36929d050d02@disroot.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Peter, who fucking cares if he wears a hat indoors? That's some old-timey shit! Can you even explain exactly why it's such a "basic human courtesy"? Other than, "Because we've always done it that way........". And to broadcast this for the entire mailing list...WTF MATE?? Welcome to 2018. His head, his rules! #FreeTheHat #HatNazi #NoHatForYou! On 04/28/2018 08:53, Peter G. wrote: > Webb, next time when talking to any audience, remove your fucking hat. > That's basic human courtesy. > -- > PG > > On 28/04/2018 04:39, grarpamp wrote: >> https://www.youtube.com/watch?v=bT_k06Xg-BE >> >> Without exploit mitigations and with an insecure-by-default design, >> writing malware for FreeBSD is a fun task, taking us back to 1999-era >> Linux exploit authorship. Several members of FreeBSD's development >> team have claimed that Capsicum, a capabilities/sandboxing framework, >> prevents exploitation of applications. Our in-depth analysis of the >> topics below will show that in order to be effective, applying >> Capsicum to existing complex codebases lends itself to wrapper-style >> sandboxing. Wrapper-style sandbox is a technique whereby privileged >> operations get wrapped and passed to a segregated process, which >> performs the operation on behalf of the capsicumized process. With a >> new libhijack payload, we will demonstrate that wrapper-style >> sandboxing requires ASLR and CFI for effectiveness. FreeBSD supports >> neither ASLR nor CFI. Tying into the wrapper-style Capsicum defeat, >> we'll talk about advances being made with libhijack, a tool announced >> at Thotcon 0x4. The payload developed in the Capsicum discussion will >> be used with libhijack, thus making it easy to extend. We will also >> learn the Mandatory Access Control (MAC) framework in FreeBSD. The MAC >> framework places hooks into several key places in the kernel. We'll >> learn how to abuse the MAC framework for writing efficient rootkits. >> Attendees of this presentation should walk away with the knowledge to >> skillfully and artfully write offensive code targeting both the >> FreeBSD userland and the kernel. >> >> https://twitter.com/lattera/status/989602709950029824 >> >> Shawn Webb is a cofounder of HardenedBSD, a hardened downstream >> distribution of FreeBSD. With over a decade in infosec, he dabbles in >> both the offensive and defensive aspects of the industry. On the >> advisory board for Emerald Onion, Shawn believes in a more free and >> open Internet. His whole house is wired for Tor. Getting on the Tor >> network is only a network jack away! > _______________________________________________ > freebsd-security@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org" -- Yonas Yanfa In Love With Open Source Drupal <http://drupal.org/user/473174>; :: GitHub <http://github.com/yonas>; :: Mozilla <https://addons.mozilla.org/en-US/thunderbird/user/4614995/>; fizk.net | yonas@fizk.net
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?c985fb3d-321c-5aca-be2d-8b089c1c2420>