20 matches found
Exploit for CVE-2025-8061
Lenovo-CVE-2025-8061 PoC fo...
Exploit for Use After Free in Linux Linux_Kernel
This repository contains various kernel exploits for Linux systems. The exploits target different vulnerabilities, including CVE-2016-8655, CVE-2017-1000112, CVE-2017-7308, and CVE-2018-18955, among others. The exploits are implemented in C and use various techniques, such as KASLR and SMEP/SMAP...
Linux Kernel < 4.4.0/ < 4.8.0 (Ubuntu 14.04/16.04 / Linux Mint 17/18 / Zorin) Local Privilege
Exploit for linux platform in category local exploits // A proof-of-concept local root exploit for CVE-2017-1000112. // Includes KASLR and SMEP bypasses. No SMAP bypass. // Tested on: // - Ubuntu trusty 4.4.0 kernels // - Ubuntu xenial 4.4.0 and 4.8.0 kernels // - Linux Mint rosa 4.4.0 kernels //...
Linux Kernel 4.8.0-34 < 4.8.0-45 (Ubuntu / Linux Mint) - Packet Socket Local Privilege Escalation
// A proof-of-concept local root exploit for CVE-2017-7308. // Includes a SMEP & SMAP bypass. // Tested on Ubuntu / Linux Mint: // - 4.8.0-34-generic // - 4.8.0-36-generic // - 4.8.0-39-generic // - 4.8.0-41-generic // - 4.8.0-42-generic // - 4.8.0-44-generic // - 4.8.0-45-generic //...
Linux Kernel 4.14.7 (Ubuntu 16.04 / CentOS 7) - (KASLR & SMEP Bypass) Arbitrary File Read
// A proof-of-concept exploit for CVE-2017-18344. // Includes KASLR and SMEP bypasses. No SMAP bypass. // No support for 1 GB pages or 5 level page tables. // Tested on Ubuntu xenial 4.4.0-116-generic and 4.13.0-38-generic // and on CentOS 7 3.10.0-862.9.1.el7.x8664. // // gcc pwn.c -o pwn // // ...
Linux Kernel 4.14.7 (Ubuntu 16.04 CentOS 7) - (KASLR SMEP Bypass) Arbitrary File Read
Linux Kernel 4.14.7 Ubuntu 16.04 CentOS 7 - KASLR SMEP Bypass Arbitrary File Read // A proof-of-concept exploit for CVE-2017-18344. // Includes KASLR and SMEP bypasses. No SMAP bypass. // No support for 1 GB pages or 5 level page tables. // Tested on Ubuntu xenial 4.4.0-116-generic and...
Linux Kernel UDP Fragmentation Offset (UFO) Privilege Escalation
This module attempts to gain root privileges on Linux systems by abusing UDP Fragmentation Offload UFO. This exploit targets only systems using Ubuntu Trusty / Xenial kernels 4.4.0-21 'Linux Kernel UDP Fragmentation Offset UFO Privilege Escalation', 'Description' = %q This module attempts to gain...
Linux Kernel 3.5.0-23 (Ubuntu 12.04.2 x64) - SOCK_DIAG SMEP Bypass Local Privilege Escalation Exploi
Exploit for linux platform in category local exploits / based on the exploit by SynQ Modified PoC for CVE-2013-1763 with SMEP bypass Presentation: Practical SMEP Bypass Techniques on Linux Vitaly Nikolenko email protected Target: Linux ubuntu 3.5.0-23-generic 35precise1-Ubuntu SMP Fri Jan 25...
Linux Kernel < 4.4.0-83 / < 4.8.0-58 (Ubuntu 14.04/16.04) - Local Privilege Escalation (KASLR / SMEP)
// A proof-of-concept local root exploit for CVE-2017-1000112. // Includes KASLR and SMEP bypasses. No SMAP bypass. // Tested on Ubuntu trusty 4.4.0- and Ubuntu xenial 4-8-0- kernels. // // EDB Note: Also included the work from...
Linux Kernel 4.8.0-41-generic (Ubuntu) - Packet Socket Local Privilege Escalation
Linux Kernel 4.8.0-41-generic Ubuntu - Packet Socket Local Privilege Escalation // A proof-of-concept local root exploit for CVE-2017-7308. // Includes a SMEP & SMAP bypass. // Tested on 4.8.0-41-generic Ubuntu kernel. // https://github.com/xairy/kernel-exploits/tree/master/CVE-2017-7308 // //...
Fortinet FortiClient 5.2.3 (Windows 10 x64 Post-Anniversary) - Local Privilege Escalation
Fortinet FortiClient 5.2.3 Windows 10 x64 Post-Anniversary - Local Privilege Escalation / Check these out: - https://www.coresecurity.com/system/files/publications/2016/05/Windows%20SMEP%20bypass%20U%3DS.pdf - https://labs.mwrinfosecurity.com/blog/a-tale-of-bitmaps/ Tested on: - Windows 10 Pro x6...
Forticlient 5.2.3 Windows 10 x64 (Pre Anniversary) - Privilege Escalation Exploit
Exploit for windows platform in category local exploits / Check this out: - https://www.coresecurity.com/system/files/publications/2016/05/Windows%20SMEP%20bypass%20U%3DS.pdf Tested on: - Windows 10 Pro x64 Pre-Anniversary - hal.dll: 10.0.10240.16384 - FortiShield.sys: 5.2.3.633 Thanks to master...
Linux kernel local privilege escalation flaw in n_hdlc(CVE-2017-2636)
This article discloses the exploitation of CVE-2017-2636, which is a race condition in the nhdlc Linux kernel driver drivers/tty/nhdlc.c. The described exploit gains root privileges bypassing Supervisor Mode Execution Protection SMEP. This driver provides HDLC serial line discipline and comes as ...
HEVD kernel vulnerability training of SMEP bypass-vulnerability warning-the black bar safety net
This articles content comparison basis, but also more fun, of course, has been to see the yuan brother mentioned DVE bypass mitigation, on the DVE feel very magical, but I still do not quite understand, very want to learn. Two days before the in security client sent an article HEVD kernel...
Linux Kernel 4.4.0 (Ubuntu) - DCCP Double-Free Privilege Escalation Exploit
Exploit for linux platform in category local exploits // // EDB Note: More information http://seclists.org/oss-sec/2017/q1/471 // // A proof-of-concept local root exploit for CVE-2017-6074. // Includes a semireliable SMAP/SMEP bypass. // Tested on 4.4.0-62-generic 83-Ubuntu kernel. //...
Linux Kernel 4.4.0 Ubuntu DCCP Double-Free Privilege Escalation
// A proof-of-concept local root exploit for CVE-2017-6074. // Includes a semireliable SMAP/SMEP bypass. // Tested on 4.4.0-62-generic 83-Ubuntu kernel. // https://github.com/xairy/kernel-exploits/tree/master/CVE-2017-6074 // // Usage: // $ gcc poc.c -o pwn // $ ./pwn // . namespace sandbox setup...
Linux Kernel 4.4.0 (Ubuntu) - DCCP Double-Free Privilege Escalation
Linux Kernel 4.4.0 Ubuntu - DCCP Double-Free Privilege Escalation // // EDB Note: More information http://seclists.org/oss-sec/2017/q1/471 // // A proof-of-concept local root exploit for CVE-2017-6074. // Includes a semireliable SMAP/SMEP bypass. // Tested on 4.4.0-62-generic 83-Ubuntu kernel. //...
Microsoft Windows Win32k 特权提升漏洞( MS15-010)
来源链接:http://www.freebuf.com/vuls/90501.html FreeBuf黑客与极客(FreeBuf.COM) 原文地址:http://hdwsec.fr/blog/CVE-2015-0057.html,编译/FB小编鸢尾 概述 这是一个use-after-free内核漏洞,它能获取一个专属的write primitive操作,之后侵染临近的一个对象。这个yields语句可以在内核空间或者用户空间随意写入。...
Linux Kernel 3.5.0-23 (Ubuntu 12.04.2 x64) - SOCK_DIAG SMEP Bypass Local Privilege Escalation
Linux Kernel 3.5.0-23 Ubuntu 12.04.2 x64 - SOCKDIAG SMEP Bypass Local Privilege Escalation / based on the exploit by SynQ Modified PoC for CVE-2013-1763 with SMEP bypass Presentation: Practical SMEP Bypass Techniques on Linux Vitaly Nikolenko [email protected] Target: Linux ubuntu 3.5.0-23-gener...
Linux Kernel < 3.5.0-23 (Ubuntu 12.04.2 x64) - 'SOCK_DIAG' SMEP Bypass Local Privilege Escalation
/ based on the exploit by SynQ Modified PoC for CVE-2013-1763 with SMEP bypass Presentation: Practical SMEP Bypass Techniques on Linux Vitaly Nikolenko [email protected] Target: Linux ubuntu 3.5.0-23-generic 35precise1-Ubuntu SMP Fri Jan 25 17:13:26 UTC 2013 x8664 x8664 x8664 GNU/Linux gcc...