eBPF Filter

For my (first) bggp5 entry, I wanted to do something with process injection. I decided to target cURL for obvious reasons.
I initially started off exploring what I could do with PTRACE; however, the binary produced was pretty large (around 14kb), and I did not have a good way of detecting when new curl processes started and attaching to them.
Thinking more about the problem of detecting newly started processes, I decided to look into eBPF as an option.