CVE-2017-11176

Published: 11/07/2017 Updated: 17/01/2023
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 729
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

The mq_notify function in the Linux kernel up to and including 4.11.9 does not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allows malicious users to cause a denial of service (use-after-free) or possibly have unspecified other impact.

Vulnerable Product

linux linux kernel

debian debian linux 8.0

debian debian linux 9.0

Vendor Advisories

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2014-9940: A use-after-free flaw in the voltage and current regulator driver could allow a local user to cause a denial of service or potentially escalate privileges. CVE-2017-7346: Li ...
Synopsis: Important: kernel-rt security and bug fix update. Type/Severity: Security Advisory: Important. Topic: An update for kernel-rt is now available for Red Hat Enterprise MRG 2. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVS ...
Synopsis: Important: kernel-rt security and bug fix update. Type/Severity: Security Advisory: Important. Topic: An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (C ...
Synopsis: Important: kernel security and bug fix update. Type/Severity: Security Advisory: Important. Topic: An update for kernel is now available for Red Hat Enterprise Linux 5 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerabil ...
Synopsis: Important: kernel security and bug fix update. Type/Severity: Security Advisory: Important. Topic: An update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) b ...
Synopsis: Important: kernel security and bug fix update. Type/Severity: Security Advisory: Important. Topic: An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) b ...
Exploitable memory corruption due to UFO to non-UFO path switch (CVE-2017-1000112). Heap out-of-bounds in AF_PACKET sockets (CVE-2017-1000111). The mq_notify function in the Linux kernel does not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allows attackers to possibly cause a situati ...
Several security issues were fixed in the Linux kernel ...
A use-after-free flaw was found in the Netlink functionality of the Linux kernel networking subsystem. Due to the insufficient cleanup in the mq_notify function, a local attacker could potentially use this flaw to escalate their privileges on the system ...

Exploits

/* * CVE-2017-11176: "mq_notify: double sock_put()" by LEXFO (2018) * * DISCLAIMER: The following code is for EDUCATIONAL purpose only. Do not * use it on a system without authorizations * * WARNING: The exploit WILL NOT work on your target, it requires modifications! * * Compile with: * * gcc -fpic -O0 -std=c99 -Wall -pthread cve-2017 ...
Linux kernel versions prior to 4.11.8 suffer from an mq_notify: double sock_put() local privilege escalation vulnerability ...

Github Repositories

PoC CVE-2017-5123 - LPE - Bypassing SMEP/SMAP. No KASLR

CVE-2017-5123. PoC CVE-2017-5123 - LPE - Bypassing SMEP/SMAP. No KASLR. The waitid implementation in upstream kernels did not restrict the target destination to copy information results. This can allow local users to write to otherwise protected kernel memory, which can lead to privilege escalation. Introduction: In this little writeup, I will analyze a kernel vulnerability that

Cheatsheet & Research notes for my own purpose.

Research notes for my private purposes :) Contents Burp Suite Professional Docker Ubuntu Web Applications Security XSS XXE LFI ESI SSTI Request Smuggling Hackvertor SQL Injection PHP ASPNET PDF Infrastructure Network Active Directory /dev/null Unix filesystem low-level IDA PRO Heap Exploitation Mobile iOS Android Kernel Exploitation Static Code Analysis Burp Suite

SEBook: A list of literature, articles, and various documents from the Telegram channel @S_E_Book. The list will be updated every week as useful material is found. Menu: Books on information security in Russian

Code execution for CVE-2017-11176

CVE-2017-11176. Proof of concept for CVE-2017-11176 for code execution. Vulnerability: The mq_notify function in the Linux kernel through 4.11.9 does not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allows attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact. Reference

cve-2017-11176. Public Information: The mq_notify function in the Linux kernel through 4.11.9 does not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allows attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact. Status: Force netlink_attachskb() to return 1. Unblock th

My first try to code my own LPE exploit.

cve-2017-11176: Local Privilege Escalation, developed on Ubuntu 4.4.0-62 kernel. About: My first try to code my own LPE exploit. Development line: c2bbad5f471ef2b112f343fde1f4e7ff94fe28d1 trigger kernel UAF; d2872d5c0d642e20c807a960f99d9533dde5d809 now, we can use another thread to unblock main thread without systemtap. Todo: exploit to get root shell. Reference: lexfo:linux-kernel-

Binary Exploitation

Exploit-Developement: I'll post some resources, writeups, exploits, source-codes in this repo. Highly recommended site to learn/practice pwn: dojo.pwn.college/ Blogs: www.cs.wcupa.edu/schen/security/ www.bordergate.co.uk/category/exploit-dev/ ir0nstone.gitbook.io/notes/ guyinatuxedo.github.io/index.html heap-exploitation.dhava

Environment with vulnerable kernel for exploitation of the TEE driver (CVE-2021-44733)

CVE-2021-44733: Fuzzing and exploitation of a use-after-free in the Linux kernel TEE subsystem. Recently a use-after-free vulnerability was discovered in the Linux kernel TEE subsystem, up to and including version 5.15.11, and was assigned CVE-2021-44733 [1]. At a first glance it did not seem to be exploitable for several reasons, however after some further analysis of the vulne

Gonna share my writeups and resources here

I'll post some resources, writeups, exploits, source-codes in this repo. Highly recommended site to learn/practice pwn: dojo.pwn.college/ Blogs: www.cs.wcupa.edu/schen/security/ www.bordergate.co.uk/category/exploit-dev/ ir0nstone.gitbook.io/notes/ guyinatuxedo.github.io/index.html heap-exploitation.dhavalkapil.com/ gi

Container-based environment for debugging and analyzing Linux kernels using QEMU and GDB

Linux Kernel Analysis Environment. Introduction: The goal of the Linux Kernel Analysis Environment is to provide a starting point for analysts looking at kernel bugs. This environment is inspired by the QEMU VM setup used by the syzkaller+syzbot project (github.com/google/syzkaller/blob/master/docs/linux/setup_ubuntu-host_qemu-vm_x86-64-kernel.md). The idea is to boot a Q

A curated list of my GitHub stars!

Awesome Stars A curated list of my GitHub stars! Generated by starred Contents ASL Assembly AutoHotkey Batchfile C C# C++ CMake CSS Clojure CoffeeScript Dockerfile F# Go Groovy HTML Haskell Java JavaScript Jupyter Notebook Kotlin Logos Lua Makefile Objective-C Objective-C++ Others PHP Pascal Perl PowerShell Prolog Python Rascal Roff Ruby Rust Scala Shell Swift TSQL TeX Typ