I am currently a university student studying for a computing-related degree, and my current project focuses on finding vulnerabilities in the Linux kernel. My goal is to both statically audit and fuzz the kernel (targeting version 3.0) in an attempt to find a vulnerability.
My first, "simple", question is: how does one fuzz the Linux kernel? I have heard of people fuzzing lots of protocols etc., but not much about kernel modules. I also understand that in a Linux system everything can be considered a file, and therefore entry into kernel modules should of course be possible through that interface, right?
My second question is: what kind of fuzzer would you suggest? As mentioned earlier, there are many fuzzers that fuzz protocols, but I don't see many of them being useful when attacking a kernel module. Obviously there are frameworks like Peach Fuzzer that allow you to "create" your own fuzzer from scratch and are supposedly fine, but I have tried to install Peach several times, and it's hard for me to believe that it works, given the complexity I already experienced just installing it (if anyone knows of any decent installation tutorials, please let me know :P).
I would be grateful for any information you can provide. Given the breadth of the topic I have chosen, any idea of the direction to take is always welcome. Equally, I would like to ask people to refrain from telling me to start elsewhere. I understand the size of the task, but I will still try it independently (I am a blue-sky thinker :P, AKA stubborn like an ox).
Greetings
A. Smith