Even if a process uses seccomp and is limited to exit, read and write, could I still do harm? And if I can, how is it possible to exploit a system like that?
Viewed 897 times
1 Answer
1
The exploitation of such a system depends on a variety of factors, such as how the rules for seccomp were written or whether there are other vulnerabilities in the program. For example, using the retf instruction, you can switch from a 64-bit system to 32-bit, which allows you to perform different syscalls (32-bit: https://www.informatik.htw-dresden.de/~beck/ASM/syscall_list.html, 64-bit: http://blog.rchapman.org/posts/Linux_System_Call_Table_for_x86_64/). But a way to bypass seccomp, I personally do not know.

Florin
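On the point above about how the rules are written: the following is an added example, not code from the question or the answer, of a seccomp-BPF allow-list for read, write and exit that checks the `arch` field and the x32 bit before it compares any syscall number, so a number reached through a different ABI is never matched against the 64-bit table. It assumes x86-64 Linux; `strict_filter`, `filter_verdict` and `install_strict_filter` are hypothetical names, and `filter_verdict` is a small userspace evaluator added only so the decisions can be inspected without installing the filter.

```c
#include <stddef.h>
#include <unistd.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <linux/audit.h>
#include <linux/filter.h>
#include <linux/seccomp.h>
#define X32_BIT 0x40000000u /* value of the kernel's __X32_SYSCALL_BIT */
#define KILL BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_KILL_PROCESS)
#define ALLOW(nr) BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, (nr), 0, 1), \
                  BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW)

static struct sock_filter strict_filter[] = {
    /* Pin the ABI first: anything not entered as x86-64 is killed. */
    BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, arch)),
    BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, AUDIT_ARCH_X86_64, 1, 0),
    KILL,
    /* x32 calls also report AUDIT_ARCH_X86_64 but set bit 30 of nr. */
    BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr)),
    BPF_JUMP(BPF_JMP | BPF_JGE | BPF_K, X32_BIT, 0, 1),
    KILL,
    /* Only now are the numbers known to be x86-64 numbers. */
    ALLOW(__NR_read), ALLOW(__NR_write), ALLOW(__NR_exit),
    KILL, /* default: everything else */
};
#define FILTER_LEN (sizeof strict_filter / sizeof strict_filter[0])

/* Evaluate the filter in userspace for one (arch, nr) pair.
   Handles only the four opcodes used above. */
static unsigned int filter_verdict(unsigned int arch, unsigned int nr) {
    unsigned int acc = 0;
    for (size_t pc = 0; pc < FILTER_LEN; pc++) {
        const struct sock_filter *f = &strict_filter[pc];
        if (f->code == (BPF_RET | BPF_K)) return f->k;
        if (f->code == (BPF_LD | BPF_W | BPF_ABS))
            acc = f->k == offsetof(struct seccomp_data, arch) ? arch : nr;
        else if (f->code == (BPF_JMP | BPF_JEQ | BPF_K)) pc += acc == f->k ? f->jt : f->jf;
        else pc += acc >= f->k ? f->jt : f->jf; /* BPF_JGE */
    }
    return SECCOMP_RET_KILL_PROCESS;
}
/* Install the filter on the calling thread; returns 0 on success. */
static int install_strict_filter(void) {
    struct sock_fprog prog = { .len = FILTER_LEN, .filter = strict_filter };
    if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) != 0) return -1;
    return prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog);
}
int main(void) {
    if (install_strict_filter() != 0) return 1;
    syscall(__NR_write, 1, "filter active\n", 14);
    syscall(__NR_exit, 0); /* a plain return would call exit_group, which is not allowed */
}
```

A filter that skips the first two checks compares only the number, so the same value can select a different call under the 32-bit table than the one the rule author intended.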