macOS / iOS - Kernel Double Free due to Incorrect API Usage in Flow Divert Socket Option Handling

Exploit for multiple platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1373 SOFLOWDIVERTTOKEN is a socket option on the SOLSOCKET layer. It's implemented by flowdiverttokensetstruct socket so, struct sockopt sopt in flowdivert.c. The relevant code is...

OpenBSD ICMPv6 Fragment Remote Execution Exploit PoC

No description provided by source. The PoC executes the shellcode int 3 and returns. It overwrites the extfree function pointer on the mbuf and forces a mfreem on the overflowed packet. The Impacket library is used to craft and send packets http://oss.coresecurity.com/projects/impacket.html or...