Linux Exploits & Mitigation: Staging for Exploit Analysis


Overview/Description
Expected Duration
Lesson Objectives
Course Number
Expertise Level


Overview/Description

Analyzing kernel vulnerabilities requires an environment to carry out the reproduction of exploits. Being able to quickly and securely stage an operating system is essential. In this course, you'll explore virtual environments and stage systems using QEMU.

You'll develop an approach to setting up virtual environments for the Linux kernel, complete with network support. You'll install Linux kernels by version and compile Linux kernels from scratch. Next, you'll investigate architectural considerations, emulate architectures in QEMU, and gather system info from your staging environment.

Finally, you'll examine vulnerability considerations that might affect the virtual environment itself and identify safeguards for protecting your computing environments when carrying out exploit analysis.

By the end of this course, you'll be able to launch an instance of Alpine Linux, configure networking options, and emulate an Alpine Linux ARM variant within a QEMU environment.



Expected Duration (hours)
1.1

Lesson Objectives

Linux Exploits & Mitigation: Staging for Exploit Analysis

  • discover the key concepts covered in this course
  • establish an approach to using virtual environments to stage exploits
  • set up QEMU and its dependencies for machine emulation and virtualization
  • launch an instance of Alpine Linux within a QEMU environment
  • mount the QEMU virtual drive to copy files into and out of a QEMU virtual machine
  • compile a version of the Linux kernel
  • configure networking options in a QEMU virtual environment
  • describe architectural considerations based on the targeted platform
  • emulate ARM in QEMU to emulate the Alpine Linux ARM variant
  • take and restore snapshots of virtual machines using QEMU Monitor
  • monitor system information from a staging environment using QEMU Monitor
  • recognize escape vulnerabilities from virtual machines to hosts
  • describe safeguards and considerations when running insecure programs in virtual environments
  • summarize the key concepts covered in this course

    • Course Number:
    it_cylxexdj_01_enus

    Expertise Level
    Intermediate