March 2014 - Include Security Research Blog

Reversing the Dropcam Part 1: Wireless and network communications

February 18, 2021March 27, 2014 — by Kris Brosch

The “Internet of Things” marketplace has been blowing up recently, and towards the end of last year we began seeing a lot of demand for security assessments of these types of platforms. To practice, we wanted to reverse engineer a consumer platform from scratch and look around for security vulnerabilities. What follows is the first … Read more

How to exploit the x32 recvmmsg() kernel vulnerability CVE 2014-0038

February 17, 2021March 6, 2014 — IncludeSec

On January 31st 2014 a post appeared on oss-seclist [1] describing a bug in the Linux kernel implementation of the x32 recvmmsg syscall that could potentially lead to privilege escalation. It didn’t take long until the first exploits appeared, in this blog post we’ll walk-through the vulnerability and Samuel’s Proof-of-concept exploit in detail. The Vulnerable … Read more