Sony Playstation 4 (PS4) 5.07 - 'Jailbreak' WebKit / 'bpf v2' Kernel Loader

PS4 5.05 Kernel Exploit --- Summary In this project you will find a full implementation of the second "bpf" kernel exploit for the PlayStation 4 on 5.05. It will allow you to run arbitrary code as kernel, to allow jailbreaking and kernel-level modifications to the system. This exploit also contai...

Linux 4.4.0 < 4.4.0-53 - 'AF_PACKET chocobo_root' Local Privilege Escalation (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'AFPACKET chocoboroot Privilege Escalation', 'Description' = %q This module exploits a race condition and use-after-free in the packetsetring...

Linux 4.8.0 < 4.8.0-46 - AF_PACKET packet_set_ring Privilege Escalation (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'AFPACKET packetsetring Privilege Escalation', 'Description' = %q This module exploits a heap-out-of-bounds write in the packetsetring function in...

Sony Playstation 4 (PS4) - NamedObj 4.05 Kernel Exploit Writeup Vulnerability

Exploit for hardware platform in category dos / poc Table of Contents - Table of Contents - Introduction - Changes since 1.76 - Stage 1 - Information Disclosure Helpful information Vector systhrgetucontext Implementation + Thread Creation + Thread Suspension + Setup Function + Leak! + kASLR Defea...

Sony Playstation 4 (PS4) 1.76 - dlclose Linux Loader Exploit

Exploit for hardware platform in category local exploits / Code written based on info available here http://cturt.github.io/dlclose-overflow.html See attached LICENCE file Thanks to CTurt and qwertyoruiop - @kr105rlz Download:...

Sony Playstation 4 (PS4) 4.55 - Jailbreak (WebKit 5.01 / bpf Kernel Loader 4.55) Exploit

Exploit for hardware platform in category remote exploits PS4 4.55 Kernel Exploit --- Summary In this project you will find a full implementation of the "bpf" kernel exploit for the PlayStation 4 on 4.55. It will allow you to run arbitrary code as kernel, to allow jailbreaking and kernel-level...

Sony Playstation 4 (PS4) 4.55 - 'Jailbreak' 'setAttributeNodeNS' WebKit 5.02 / 'bpf' Kernel Loader 4.55

PS4 4.55 Kernel Exploit --- Summary In this project you will find a full implementation of the "bpf" kernel exploit for the PlayStation 4 on 4.55. It will allow you to run arbitrary code as kernel, to allow jailbreaking and kernel-level modifications to the system. This release however, does not...

Jungo Windriver 12.5.1 - Privilege Escalation Exploit

Exploit for windows platform in category local exploits // ConsoleApplication1.cpp : Defines the entry point for the console application. // include "stdafx.h" include include define device L"\\.\WINDRVR1251" define SPRAYSIZE 30000 typedef NTSTATUSWINAPI PNtAllocateVirtualMemory HANDLE...

Apple macOS - IOHIDSystem Kernel Read/Write Exploit

Exploit for macOS platform in category dos / poc Sources: https://siguza.github.io/IOHIDeous/ https://github.com/Siguza/IOHIDeous/ IOHIDeous A macOS kernel exploit based on an IOHIDFamily 0day. Write-up here: https://siguza.github.io/IOHIDeous/ Notice The prefetch timing attack I'm using for hid...

Apple macOS - IOHIDSystem Kernel ReadWrite

Apple macOS - IOHIDSystem Kernel ReadWrite Sources: https://siguza.github.io/IOHIDeous/ https://github.com/Siguza/IOHIDeous/ IOHIDeous A macOS kernel exploit based on an IOHIDFamily 0day. Write-up here: https://siguza.github.io/IOHIDeous/ Notice The prefetch timing attack I'm using for hid for so...

Apple macOS - IOHIDSystem Kernel Read/Write

Sources: https://siguza.github.io/IOHIDeous/ https://github.com/Siguza/IOHIDeous/ IOHIDeous A macOS kernel exploit based on an IOHIDFamily 0day. Write-up here: https://siguza.github.io/IOHIDeous/ Notice The prefetch timing attack I'm using for hid for some reason doesn't work on High Sierra 10.13...

CVE-2017-17855

kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service memory corruption or possibly have unspecified other impact by leveraging improper use of pointers in place of scalars...

Kernel Exploit for Sony PS4 Firmware 4.05 Released, Jailbreak Coming Soon

Wishing you all a very 'belated' Merry Christmas. This holiday season Santa has a very special gift for all PlayStation gamers. Developer SpecterDev finally released a fully-functional much-awaited kernel exploit for PlayStation 4 firmware 4.05 today—almost two months after Team Fail0verflow...

Sony Playstation 4 (PS4) 4.05 - Jailbreak WebKit NamedObj Kernel Loader

Sony Playstation 4 PS4 4.05 - Jailbreak WebKit NamedObj Kernel Loader PS4 4.05 Kernel Exploit --- Summary In this project you will find a full implementation of the "namedobj" kernel exploit for the PlayStation 4 on 4.05. It will allow you to run arbitrary code as kernel, to allow jailbreaking an...

Sony Playstation 4 4.05 FW - Local Kernel Exploit

Exploit for bsd platform in category local exploits PS4 4.05 Kernel Exploit --- Summary In this project you will find a full implementation of the "namedobj" kernel exploit for the PlayStation 4 on 4.05. It will allow you to run arbitrary code as kernel, to allow jailbreaking and kernel-level...

Sony Playstation 4 (PS4) 4.05 - 'Jailbreak' WebKit / 'NamedObj ' Kernel Loader

PS4 4.05 Kernel Exploit --- Summary In this project you will find a full implementation of the "namedobj" kernel exploit for the PlayStation 4 on 4.05. It will allow you to run arbitrary code as kernel, to allow jailbreaking and kernel-level modifications to the system. This release however, does...

CVE-2017-17806

The HMAC implementation crypto/hmac.c in the Linux kernel before 4.14.8 does not validate that the underlying cryptographic hash algorithm is unkeyed, allowing a local attacker able to use the AFALG-based hash interface CONFIGCRYPTOUSERAPIHASH and the SHA-3 hash algorithm CONFIGCRYPTOSHA3 to caus...

Google Researcher Releases iOS Exploit—Could Enable iOS 11 Jailbreak

As promised last week, Google's Project Zero researcher Ian Beer now publicly disclosed an exploit that works on almost all 64-bit Apple devices running iOS 11.1.2 or earlier, which can be used to build an iOS jailbreak, allowing users to run apps from non-Apple sources. On Monday morning, Beer...

Microsoft Windows 10 (Build 1703 Creators Update) (x86) - WARBIRD NtQuerySystemInformation Kernel Local Privilege Escalation

Microsoft Windows 10 Build 1703 Creators Update x86 - WARBIRD NtQuerySystemInformation Kernel Local Privilege Escalation / EDB Note Source https://gist.github.com/xpn/736daa4d1ff7b9869f4b3d1e9a34d315/ff2e2465d4a07588d0148dc87e77b17b41ef9d1d Source https://blog.xpnsec.com/windows-warbird-privesc/...

CVE-2017-16526

drivers/uwb/uwbd.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service general protection fault and system crash or possibly have unspecified other impact via a crafted USB device...