SuSE

Stealth

IRL Name:

Sebastian Krahmer

Biography:

A hacker that is known for his expertise in software and network trickery.

In 2000, found a vulnerability in kreatecd, a local root compromise for SuSE 6.x and Halloween Linux Version 4.

In 2009, Sebastian Krahmer identified a vulnerability in udevd where it incorrectly assumed that messages arriving on its NETLINK socket would always come from the kernel. Any local unprivileged user may send a unicast or multicast NETLINK message to udevd, which it will treat as a privileged message from the kernel. This would allow a user to (for example) instruct udevd to create a /dev/random device file with chosen minor and major device numbers, giving RWX permissions to any device that the attacker chooses. That's game over, kids.

Among other things, he wrote a paper entitled "Hardened OS exploitation techniques"; speaking of "PaX", and "GRSECURITY".

Facts

Owns http://c-skills.blogspot.com/

Either worked for or still works for SuSE Linux.

Rumors

Provides all bugs/information he finds early to members of TESO security.

References

http://74.125.95.104/search?q=cache:GC5CRa67gFAJ:https://eldorado.uni-do...

http://www.hackinthebox.org/modules.php?op=modload&name=News&file=articl...

http://www.security-express.com/archives/bugtraq/2000-03/0162.html

http://www.kiblix.org/2003/eng/lecturers/krahmer.htm

http://pwnies.com/archive/2009/nominations/