CVE-2019-7304

Published: 23/04/2019 Updated: 30/11/2022
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 1000
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

Canonical snapd before version 2.37.1 incorrectly performed socket owner validation, allowing a malicious user to run arbitrary commands as root. This issue affects: Canonical snapd versions before 2.37.1.

Vulnerable Product

canonical snapd

canonical ubuntu linux 16.04

canonical ubuntu linux 14.04

canonical ubuntu linux 18.04

canonical ubuntu linux 18.10

Vendor Advisories

snapd could be made to run programs as an administrator ...

Exploits

#!/usr/bin/env python3 """ # dirty_sock: Privilege Escalation in Ubuntu (via snapd). In January 2019, current versions of Ubuntu Linux were found to be vulnerable to local privilege escalation due to a bug in the snapd API. This repository contains the original exploit POC, which is being made available for research and education. For a detailed wa ...

Github Repositories

Another implementation for linux privilege escalation exploit via snap(d) (CVE-2019-7304)

snap_priv_esc: Another implementation for linux privilege escalation exploit via snap(d) (CVE-2019-7304). What is snap? Snap is a software packaging and deployment system developed by Canonical for the operating systems that use the Linux kernel. The packages, called snaps, and the tool for using them, snapd, work across a range of Linux distributions and allow upstream software

CVE-2019-7304 DirtySock. Resources: Code with good comments: github.com/initstring/dirty_sock/blob/master/dirty_sockv1.py Explanation and code: www.exploit-db.com/exploits/46362 initblog.com/2019/dirty-sock/ snapd source code: github.com/snapcore/snapd (HACKING.md for debugging) snapd API doc: github.com/snapcore/snapd/wiki/REST-API go branc

Sock Puppet is a tool for creating custom snap packages that leverage the dirtysock vulnerability to exploit snapd

Sock Puppet. Purpose: Sock Puppet is a tool for creating custom snaps that execute user-specified commands or shell scripts using the dirty sock vulnerability in the snapd API. This tool works by taking the user's specified command or script and packaging it as a snap (essentially just a squashfs with some meta files) and uses the install hook like Chris Moberly's original co

Local Privilege Escalation via snapd (CVE-2019-7304) Remastered PoC exploit

dirty_sock: Local Privilege Escalation via snapd (CVE-2019-7304). Remastered PoC exploit. Credit goes to initstring (Original dirty_sock). Usage: Wait ~40 seconds before executing the script again, otherwise it sucks. chmod u+x lpe.py ./lpe.py

This modified exploit of the original exploit by @init_string takes the command to execute from the command line and runs it as root. No need to compile the snap file every time for a new payload.

Snapd V2: Modified version of the original code found here. This modified exploit of the original exploit by @init_string takes the command to execute from the command line and runs it as root. This removes the need to compile a snap every time one needs to run a different command. Usage: python CVE-2019-7304.py "touch /root/MUHAHA" CAUTION: If the system is connecte

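All collection projects: All collected open-source tools: more than 18K, in both Markdown and JSON formats. Reverse-engineering resources: IDA/Ghidra/x64dbg/OllDbg/WinDBG/CuckooSandbox/Radare2/BinaryNinja/DynamoRIO/IntelPin/Frida/QEMU/Android security/iOS security/Windows security/Linux security/macOS security/game hacking/Bootkit/Rootkit/Angr/Shellcode/process injection/code injection/DLL injection/WSL/Sysmon/ Network-related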

GitHub Starred Repos List

Awesome Stars: A curated list of my GitHub stars! Generated by starred. Contents: AutoHotkey, AutoIt, Batchfile, BlitzBasic, C, C#, C++, CMake, CSS, EJS, GSC, Go, HTML, Inno Setup, Java, JavaScript, Jupyter Notebook, Kotlin, Lua, Markdown, Nunjucks, Others, PHP, Pascal, Perl, PowerShell, PureBasic, Python, R, Ruby, Rust, SCSS, Shell, SourcePawn, TypeScript, VBScript, Visual Basic, Visual Basic NET, Vue, YARA, Aut

Recent Articles

Oh Snapd! Gimme-root-now security bug lets miscreants sock it to your Ubuntu boxes
The Register • Shaun Nichols in San Francisco • 14 Feb 2019

Get an update, or risk giving a dodgy user or malware an upgrade

Canonical has issued an update for Ubuntu to address a security vulnerability that can be exploited by malware and rogue users to gain root access. As this bug affects desktop and server editions of the Linux distro, this is an irritating flaw for folks using shared systems, such as labs or offices of workstations. Chris Moberly gets credit for the discovery and reporting of the flaw in question, CVE-2019-7304, which is an elevation-of-privilege vulnerability present in Ubuntu versions prior to ...