-
Replicating an eBPF SDIV Oops
TL;DR: Signed division is hard and sometimes it makes the kernel sad.
-
Vulnerable eBPF CTF Challenge 01
A CTF style vulnerable box where you need to find and exploit a mistake in an eBPF program that allows privilege escalation to root.
-
Interactivity is the halting problem in a trench coat.
Or: please, please, stop piping
curl
intobash
in prod. -
Stop saying eBPF when you mean cBPF.
TL;DR: Let’s detect malware that uses BPF the right way. eBPF has become a hot topic, which leads to some hype whenever BPF is found in malware. The thing is, BPF malware is nothing new and most malware is using cBPF, not eBPF. Conflating cBPF with eBPF is harmful to defenders, who really need to understand the difference between the two when writing detections.
-
Never Stop Reading: Crashing the HaikuOS Port of Cave Story
TL;DR: Cave Story for HaikuOS go SEGV.