Git Product home page Git Product logo

ecploit-kernel-4.10-linux-local's Introduction

Ecploit-kernel-4.10-linux-local

Linux kernel < 4.10.15 - Race Condition Privilege Escalation Linux kernel < 4.10.15 CVE-2017-1000112 This is a proof-of-concept local root exploit for the vulnerability in the UFO Linux kernel implementation CVE-2017-1000112.

Some details: http://www.openwall.com/lists/oss-security/2017/08/13/1

s/timerfd.c Vulnerbility Exploit Vulnerable: Kernal Google Android 0 Debian Linux 6.0 sparc Debian Linux 6.0 s/390 Debian Linux 6.0 powerpc Debian Linux 6.0 mips Debian Linux 6.0 ia-64 Debian Linux 6.0 ia-32 Debian Linux 6.0 arm Debian Linux 6.0 amd64 http://ricklarabee.blogspot.com.tr/2017/12/adapting-poc-for-cve-2017-1000112-to.html EXPLOIT https://github.com/xairy/kernel-exploits/tree/master/CVE-2017-1000112 // user@ubuntu:$ uname -a // Linux ubuntu 4.8.0-58-generic #6316.04.1-Ubuntu SMP Mon Jun 26 18:08:51 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux

// user@ubuntu:~$ id // uid=1000(user) gid=1000(user) groups=1000(user),4(adm),24(cdrom),27(sudo),30(dip),46(plugdev),113(lpadmin),128(sambashare)

// user@ubuntu:$ gcc pwn.c -o pwn // user@ubuntu:$ ./pwn // user@ubuntu:/home/user# id // uid=0(root) gid=0(root) groups=0(root) https://www.exploit-db.com/exploits/41994/ Linux Kernel 4.8.0-41-generic (Ubuntu)

Exploit : https://github.com/xairy/kernel-exploits/blob/master/CVE-2017-7308/poc.c // user@ubuntu:$ uname -a // Linux ubuntu 4.8.0-41-generic #4416.04.1-Ubuntu SMP Fri Mar 3 ... // user@ubuntu:$ gcc pwn.c -o pwn // user@ubuntu:$ ./pwn // user@ubuntu:/home/user# id // uid=0(root) gid=0(root) groups=0(root) https://www.exploit-db.com/exploits/41994/ Linux Kernel 4.4.0 (Ubuntu) - DCCP Double-Free (PoC) Includes a semireliable SMAP/SMEP bypass.

Exploit : https://github.com/xairy/kernel-exploits/blob/master/CVE-2017-6074/poc.c // Usage: // $ gcc poc.c -o pwn // $ ./pwn // # cat /etc/shadow // ... // daemon::17149:0:99999:7::: // bin::17149:0:99999:7::: // sys::17149:0:99999:7::: // sync::17149:0:99999:7::: // games:*:17149:0:99999:7:::

https://www.exploit-db.com/exploits/41995/ Linux Kernel 3.11 < 4.8 0 - 'SO_SNDBUFFORCE'

Exploit : https://github.com/xairy/kernel-exploits/blob/master/CVE-2016-9793/poc.c // Usage: // # gcc -pthread exploit.c -o exploit // # chown guest:guest exploit // # setcap cap_net_admin+ep ./exploit // # su guest // $ whoami // guest // $ ./exploit // # whoami // root

ecploit-kernel-4.10-linux-local's People

Contributors

amrelsadane123 avatar

Stargazers

avatar

Watchers

James Cloos avatar

Forkers

gemini00 scr1ptk1tti3

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.