what's usereland privilege escalation attack?

Discussion in '3DS - Flashcards & Custom Firmwares' started by soulskeeper, Dec 31, 2015.

  1. soulskeeper
    OP

    soulskeeper GBAtemp Regular

    Member
    190
    18
    Aug 16, 2007
    Iceland
    in the hackers video on 37:27 he mentioned this line:
    "for similar userland privilege escalation attack look up rohax"

    what was he talking about?
     
  2. gudenau

    gudenau Never a unique idea

    Member
    3,257
    1,224
    Jul 7, 2010
    United States
    /dev/random
    Getting kernel from userland. Kinda like the "run as admin" or "sudo", just not intended.
     
    soulskeeper likes this.
  3. endoverend

    endoverend AKA zooksman

    pip Contributor
    GBAtemp Patron
    endoverend is a Patron of GBAtemp and is helping us stay independent!

    Our Patreon
    2,844
    3,549
    Jun 6, 2013
    United States
    So explained simply, most exploits, for example webkit exploits, typically only have userland access, meaning they can't control some functions because the system locks you out. So a userland privilege escalation attack is basically an exploit which allows a userland app to exploit some hole in the system to gain access to functions which the system does not normally allow.
     
    Ammako and soulskeeper like this.
  4. soulskeeper
    OP

    soulskeeper GBAtemp Regular

    Member
    190
    18
    Aug 16, 2007
    Iceland
    got it Thanks :)
     
  5. Kafke

    Kafke GBAtemp Fan

    Member
    415
    144
    Jan 2, 2009
    United States
    ROHax is a privilege escalation attack, which allows you to use more privileged functions than typically allowed. Smea used it as a part of Ninjhax for FW below 9.2. http://smealum.net/?p=517

    Edit: SNSHax does something similar but gives privileged access to the downgrade functions instead of whatever he used ROHax for in Ninjhax.
     
    Last edited by Kafke, Dec 31, 2015
    Quantumcat and soulskeeper like this.