279 matches found
CVE-2022-0071
Incomplete fix for CVE-2021-3101. Hotdog, prior to v1.0.2, did not mimic the resource limits, device restrictions, or syscall filters of the target JVM process. This would allow a container to exhaust the resources of the host, modify devices, or make syscalls that would otherwise be blocked...
NimPackt-v1 - Nim-based Assembly Packer And Shellcode Loader For Opsec And Profit
By Cas van Cooten @chvancooten. With special thanks to Marcello Salvati @byt3bl33der and Fabian Mosch @S3cur3Th1sSh1t. Description. Update: NimPackt-v1 is among the worst code I have ever written; I was just starting out learning Nim. Because of this, I started on a full rewrite of NimPackt, dubbed...
AZL-9236 CVE-2020-35501 affecting package kernel for versions less than 5.15.41.1-1
A flaw was found in the Linux kernel's implementation of audit rules, where a syscall can unexpectedly fail to be correctly logged by the audit subsystem...
Nimcrypt2 - .NET, PE, And Raw Shellcode Packer/Loader Written In Nim
Nimcrypt2 is yet another PE packer/loader designed to bypass AV/EDR. It is an improvement on my original Nimcrypt project, with the main improvements being the use of direct syscalls and the ability to load regular PE files as well as raw shellcode. Before going any further, I must acknowledge...
SysWhispers3 - AV/EDR Evasion Via Direct System Calls
SysWhispers helps with evasion by generating header/ASM files implants can use to make direct system calls. Why on earth didn't I create a PR to SysWhispers2? The reasons for SysWhispers3 being a standalone version are many, but the most important is: SysWhispers3 is the de-facto "fork" used by...
Linux/x86_64 - sudo enumeration Shellcode (245 bytes)
sudo vulnerability enumeration shellcode / sudo vulnerability enumeration shellcode xordynamic - Linux/x86_64. Author: Kağan Çapar. Contact: [email protected]. Shellcode length: 245 bytes. Compilation: gcc -fno-stack-protector -z execstack .c -o "disassemble only main." 0000000000001179 : 1179: 55 push...
Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel (GKE) vulnerabilities (USN-5266-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5266-1 advisory. It was discovered that the Packet network protocol implementation in the Linux kernel contained a double-free vulnerability. A local attacke...
CVE-2021-22600
A double free bug in packet_set_ring() in net/packet/af_packet.c can be exploited by a local user through crafted syscalls to escalate privileges or deny service. We recommend upgrading the kernel past the affected versions or rebuilding past commit ec6af094ea28f0f2dda1a6a33b14cd57e36a9755...
Double free
A double free bug in packet_set_ring() in net/packet/af_packet.c can be exploited by a local user through crafted syscalls to escalate privileges or deny service. We recommend upgrading the kernel past the affected versions or rebuilding past commit ec6af094ea28f0f2dda1a6a33b14cd57e36a9755...
CVE-2021-22600
CVE-2021-22600 is a local kernel vulnerability in the Linux AF_PACKET socket implementation. A double-free in packet_set_ring() within net/packet/af_packet.c can be exploited by a local user via crafted syscalls, enabling either denial of service or privilege escalation. Connected sources confirm the under...
CVE-2021-22600 Double Free in net/packet/af_packet.c leading to privilege escalation
A double free bug in packet_set_ring() in net/packet/af_packet.c can be exploited by a local user through crafted syscalls to escalate privileges or deny service. We recommend upgrading the kernel past the affected versions or rebuilding past commit ec6af094ea28f0f2dda1a6a33b14cd57e36a9755...
CVE-2021-22600
A double free bug in packet_set_ring() in net/packet/af_packet.c can be exploited by a local user through crafted syscalls to escalate privileges or deny service. We recommend upgrading the kernel past the affected versions or rebuilding past commit ec6af094ea28f0f2dda1a6a33b14cd57e36a9755. Recent assessments:...
Scemu - X86 32bits Emulator, For Securely Emulating Shellcodes
x86 32-bit emulator, for securely emulating shellcodes. Features: Rust safety (good for malware analysis); all dependencies are in Rust; zero unsafe blocks; very fast emulation, much faster than Unicorn: 3,000,000 instructions/second, or 100,000 instructions/second when printing every instruction (-vv). Powered by...
NimHollow - Nim Implementation Of Process Hollowing Using Syscalls (PoC)
Playing around with the Process Hollowing technique using Nim. Features: Direct syscalls for triggering Windows Native API functions with NimlineWhispers. Shellcode encryption/decryption with AES in CTR mode. Simple sandbox detection methods from the OSEP course by @offensive-security. AMSI...
PT-2021-1521 · Linux +5 · Linux Kernel +5
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to the version that includes the fix for the double free bug in packet_set_ring(). Description: A double free bug in the packet_set_ring() function in net/packet/af_packet.c can be exploited by a local user through...
SUSE SLED12 / SLES12 Security Update : webkit2gtk3 (SUSE-SU-2021:3768-1)
The remote SUSE Linux SLED12 / SLES12 / SLES_SAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:3768-1 advisory. - BubblewrapLauncher.cpp in WebKitGTK and WPE WebKit before 2.34.1 allows a limited sandbox bypass that allows a sandboxed process ...
SUSE SLES15 Security Update : webkit2gtk3 (SUSE-SU-2021:3769-1)
The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3769-1 advisory. - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15...
flatpak bug fix and enhancement update
An update is available for flatpak. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Flatpak is a system for building, distributing, and running sandboxed desktop...
ALEA-2021:4539 flatpak bug fix and enhancement update
Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Bug Fixes and Enhancements: CVE-2021-41133 flatpak: sandbox bypass via recent VFS-manipulating syscalls (BZ#2012868)...