In this series, I'm going to write about some of the basics of Linux kernel exploitation that I have learned over the last few weeks: from basic environment setup to some popular Linux kernel mitigations and their corresponding exploitation techniques.
Back when I first started playing CTFs and pwning about 2 years ago, every time I heard other people talking about kernel exploitation, it sounded like a very difficult and magical topic to me. I tried to get into it several times but never knew how to start, because I didn't have sufficient knowledge about kernels and operating systems at that point. A few weeks ago, after having learned a lot more about computer science in general and operating systems in particular, I decided to try learning kernel pwning again, from the very basics. I know it's pretty late for a pwner like me to start learning this subject after so long, but as they always say, better late than never. It turns out that this topic is not as difficult as I had always thought it to be (but it's certainly not easy either; remember that this is just the very basics that I have learned), it just requires a lot more initial in-depth knowledge and setup than normal userspace exploitation does. Therefore, it requires pwners to be quite comfortable with userland exploitation before getting into kernel exploitation.