Home / Series / BSides Las Vegas / Aired Order / Season 2014 / Episode 43

Cluck Cluck: On Intel's Broken Promises

Cluck Cluck presents an architectural, OS-independent method for accessing arbitrary physical memory from kernel shell-code or forensics memory acquisition tools where the virtual addresses of the paging structures are not known -- 'breaking out' of virtual memory. Currently, the virtual address for the page directory is hard coded in the kernel, but this is specific to each OS and version thereof. Cluck Cluck solves the chicken and egg problem (needing access to the page structures to gain access to the page structures) at an OS-independent, architectural level, highlighting how a newer Intel feature violated existing guarantees.

English
  • Originally Aired August 5, 2014
  • Created July 24, 2019 by
    Administrator admin
  • Modified July 24, 2019 by
    Administrator admin
Name Type Role
Jacob Torrey Guest Star