Home

Jon Oberheide

IRL Name: 
Jon Oberheide
Biography: 

Jon Oberheide is the co-founder of of Duo Security. He completed his PhD at the University of Michigan in the realm of cloud security. He has presented at a wide range of academic, industry, and hacker security conferences (DEFCON, BlackHat, etc.). In a prior life, Jon enjoyed offensive security research and exploiting *nix. Together with Dan Rosenberg, they demonstrated an exploit technique coined Stackjacking against a customized Linux kernel hardened with the grsecurity patchset. The attack was questionable since they used a modified kernel rather than a standard Grsecurity hardened kernel with a previously known exploit.

Facts

Responsible for these exploits: Linux Kernel < 2.6.36.2 - Econet Privilege Escalation, Linux Kernel < 2.6.37-rc2 - ACPI custom_method Privilege Escalation, Linux Kernel < 2.6.26.4 - SCTP Kernel Memory Disclosure, and many more to mention (https://www.exploit-db.com/author/?a=1507)

Together with Dan Rosenberg, they presented a topic entitled "Stackjacking Your Way to grsec/PaX Bypass" (A grsecurity/PaX exploit framework) at Hackito Ergo Sum and Immunity INFILTRATE

By the time they tried to milk their stackjacking talk at Infiltrate, spender and Team PaX had already killed their technique

Rumors

Could not get Stackjacking to work against a real life Grsecurity hardened kernel, so introduced their own bug to fool the masses

Pictures: 
References

https://jon.oberheide.org/

https://github.com/jonoberheide

https://twitter.com/jonoberheide

https://www.linkedin.com/in/jonoberheide

https://www.exploit-db.com/author/?a=1507