Infecting the Kernel Image

Gnosis

Level 5
Thread author
Apr 26, 2011
2,779
Another way to get code into the kernel is to patch the kernel image itself. We will illustrate in this chapter a simple patch to remove security controls from the NT kernel. Any piece of code can be modified in such a way. One needs to be sure to correct any integrity checks in the code, such as the file check-sum. An article on patching the Linux kernel can be found in th Phrack Magazine, issue 60, Article 8: "Static Kernel Patching" by jbtzhm.

Excerpt from: "Exploiting Software, How to Break Code"
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top