Andrey Konovalov sitere na Google ụzọ iji gbanyụọ nchedo enyere na ngwugwu Linux kernel bu Ubuntu (usoro a tụrụ aro n'usoro na-arụ ọrụ na kernel nke Fedora na nkesa ndị ọzọ, mana anaghị anwale ha).
Mkpọchi na-egbochi onye ọrụ ohere ịnweta kernel ma gbochie UEFI Secure Boot bypass ụzọ. Dịka ọmụmaatụ, na ọnọdụ mkpọchi, ịnweta / dev/mem, / dev/kmem, / dev/port, /proc/kcore, debugfs, kprobes debug mode, mmiotrace, tracefs, BPF, PCMCIA CIS (Kaadị Ozi Structure), ụfọdụ interfaces nwere oke ACPI na ndekọ MSR nke CPU, akpọchie oku kexec_file na kexec_load, amachibidoro ọnọdụ ụra, amachibidoro iji DMA maka ngwaọrụ PCI, amachibidoro mbubata koodu ACPI site na mgbanwe EFI, adịghị eji ọdụ ụgbọ mmiri I/O eme ihe. ekwe, gụnyere ịgbanwe nọmba nkwụsịtụ yana ọdụ ụgbọ mmiri I/O maka ọdụ ụgbọ mmiri.
Agbakwunyere usoro mkpọchi n'oge na-adịbeghị anya na kernel Linux bụ isi , ma na mkpụrụ ndụ ndị a na-enye na nkesa, a ka na-emejuputa ya n'ụdị patches ma ọ bụ tinye ya na patches. Otu n'ime ihe dị iche n'etiti ihe mgbakwunye na-enye na ngwa nkesa na mmejuputa a rụrụ n'ime kernel bụ ikike iji gbanyụọ mkpọchi a na-enye ma ọ bụrụ na ị nwere ike ịnweta usoro ahụ.
Na Ubuntu na Fedora, a na-enye nchikota igodo Alt + SysRq + X iji gbanyụọ mkpọchi. Aghọtara na enwere ike iji Nchikota Alt + SysRq + X naanị iji nweta ngwaọrụ ahụ, na n'ihe gbasara hacking ime ime na ịnweta ohere mgbọrọgwụ, onye mwakpo ahụ agaghị enwe ike gbanyụọ Lockdown na, dịka ọmụmaatụ, buru ibu a. modul nwere rootkit na-abanyeghị na dijitalụ n'ime kernel.
Andrey Konovalov gosipụtara na ụzọ dabere na kiiboodu maka ịkwado ọnụnọ anụ ahụ onye ọrụ adịghị arụ ọrụ. Ụzọ kacha mfe iji gbanyụọ Lockdown ga-abụ na mmemme ịpị Alt + SysRq + X site na / dev/uinput, mana egbochiri nhọrọ a na mbụ. N'otu oge ahụ, ọ ga-ekwe omume ịchọpụta ma ọ dịkarịa ala ụzọ abụọ ọzọ nke nnọchi Alt+SysRq+X.
Usoro nke mbụ gụnyere iji interface "sysrq-trigger" - iji mee ka ọ dị, mee ka interface a nwee ike ide "1" ka /proc/sys/kernel/sysrq, wee dee "x" na /proc/sysrq-trigger. kwuru loophole na December Ubuntu kernel update na Fedora 31. Ọ bụ ihe kwesịrị ịrịba ama na ndị mmepe, dị ka ọ dị na / dev/uinput, na mbụ. gbochie usoro a, mana igbochi anaghị arụ ọrụ n'ihi na koodu.
Usoro nke abụọ gụnyere iṅomi ahụigodo site na wee zipu usoro Alt+SysRq+X site na ahụigodo mebere. A na-akwado kernel USB/IP na Ubuntu site na ndabara (CONFIG_USBIP_VHCI_HCD=m na CONFIG_USBIP_CORE=m) ma na-enye modul usbip_core na vhci_hcd bịanyere aka na dijitalụ achọrọ maka ịrụ ọrụ. Onye na-awakpo nwere ike ngwaọrụ USB mebere, onye na-ahụ maka netwọkụ na interface loopback na ijikọ ya dị ka ngwaọrụ USB dịpụrụ adịpụ site na iji USB/IP. Banyere usoro akọwapụtara nye ndị mmepe Ubuntu, mana ewepụtabeghị ndozi.
isi: opennet.ru