Internship - Level up on Android kernel exploitation

About Quarkslab

Quarkslab builds cutting-edge cybersecurity solutions used by security-driven companies and institutions around the world. Our QShield product suite focuses on software protection and reverse engineering resistance across desktop, mobile, and embedded platforms.

We’re not in the cloud — we build real software, tested on real systems. If you enjoy diving deep into complex technical environments, automating smart test coverage, and owning quality end-to-end, read on.

Description

Over the past years exploitation of kernel vulnerabilities has become increasingly difficult and convoluted, demanding in-depth knowledge of kernel data structures, subsystems and mitigation mechanisms.

Kernel exploitation is an art as well as a craft, and keeping up to date on the latest developments provides a great learning opportunity.

This internship is about writing exploits for Linux kernel vulnerabilities.

What you will do

This internship has two primary objectives:

• Develop working exploits for one or more publicly known Linux kernel vulnerabilities.

• Development of a knowledge base on exploitation techniques and the Linux/Android kernel, documenting:

  • Kernel security mechanisms and relevant data structures

  • Kernel exploit mitigations on Android

  • Generic exploitation techniques (not necessarily kernel-specific)

  • Exploitation techniques for the Linux/Android kernel

At the end of the internship you will present your project internally to your peers, and do a public communication (blog post, paper or conference talk) about it.

Required Skills

• Strong knowledge of C and Python (intermediate)

• ARM architecture and Aarch64 assembly (basic)

• Familiarity with classic exploitation techniques (intermediate)

• Knowledge of modern exploit mitigations (basic)

• Linux user and kernel knowledge (intermediate)

• Use of kernel debuggers (intermediate)

Assignment

Contact us to receive an internship challenge to apply.