CVE-2023-0386

A curated list of my GitHub stars by stargazed

Awesome Stars A curated list of my GitHub stars! Generated by stargazed 🏠 Contents Bicep (2) Blade (1) C (19) C# (10) C++ (16) CSS (15) Clojure (2) Dart (3) Dockerfile (5) Elixir (1) Go (210) Groovy (7) HCL (135) HTML (33) Haskell (1) Java (63) JavaScript (223) Jinja (5) Jsonnet (4) Jupyter Notebook (15) Kotlin (4) Less (1) Liquid (1) Lua (5) MDX (2) Makefile (7) Markd

CVE-2023-0386 analysis and Exp

README gcc -Wall expc `pkg-config fuse --cflags --libs` -o exp /exp /tmp 漏洞分析 本文的理论知识（命名空间、overlay文件系统、fuse文件系统等）均来自chatGPT。 漏洞简介 漏洞编号: CVE-2023-0386 漏洞产品: linux kernel - overlay文件系统 影响范围: 511 ~ 519 利用条件: 可以unshar 或�

Hack-The-Box-TwoMillion WP

typora-copy-images-to /image Hack The Box Level TwoMillion **写在前面：**Userflag比较简单，System flag要是想弄懂原理的话难一点，单纯的用Exp很easy，但不刨根问底的Haker不是好Haker。 信息收集、扫描 拿到IP后先扫一下端口，因为公司限制扫描，这边我就贴一下别人扫描的结果： oxdf@hack

Collection of Linux Kernel exploits for CTF.

Linux kernal Exploits This repo is a collection of kernal exploits Sources githubcom/briskets/CVE-2021-3493 githubcom/UncleJ4ck/CVE-2021-41091 githubcom/xkaneiki/CVE-2023-0386 githubcom/leesh3288/CVE-2023-4911 Disclaimer I am not the author of any of this exploit

CVE-2023-0386 EXP

CVE-2023-0386 gcc -Wall expc `pkg-config fuse --cflags --libs` -o exp /exp /tmp

非常简单的CVE-2023-0386's exp and analysis.Use c and sh.

typora-copy-images-to /image CVE-2023-0386 Exp Usage: First：Upload fusec and expsh to the /tmp directory You can use scp or python3 -m httpserver upload the file to target scp ~/Desktop/CVE-2023-0386/expsh admin@101011221:/tmp scp ~/Desktop/CVE-2023-0386/fusec admin@101011221:/tmp #your machine or

A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount This uid mapping bug allows a local user to escalate their privileges on the system see : ubuntucom/security/CVE-2023-

CVE-2023-0386

My Awesome List

Awesome Stars A curated list of my GitHub stars! Generated by starred Contents Assembly Batchfile C C# C++ CSS Clojure Dart Dockerfile Elixir Go HTML Java JavaScript Jinja Jupyter Notebook Kotlin LLVM Lua Markdown Nim OCaml Others PHP Perl PowerShell Python Ren'Py Rich Text Format Ruby Rust Scala Shell Solidity Starlark Stylus Svelte TeX TypeScript Typst V VBScript Vi

A repository to store some linux exploitation and technique i've seen during my studies

Linux-Pentest A repository to store some linux exploitation and technique I've seen during my studies List of contents: Enumeration Manual Enumeration General Credential Harvesting Information Harvesting OS Network Detect Defense mechanisms Limited enumeration Automated Tools Privilege Escalation: Hardcoded passwords Privesc via mysql admin Weak file permissions

项目内包含工具涉及类别：漏洞利用工具、代审辅助、漏洞利用、靶场环境项目地址列表、漏洞扫描/序列化、密码/隧道项目地址链接、免杀项目地址列表、内网项目地址链接、应急响应项目地址列表、木马查杀、中间件工具项目链接、字典/钓鱼/社工/爆破项目目地址链接、自动化/资产项目链接、子域名/目录/指纹地址

Rttools-2 项目简介 rttools——本项目集合了在渗透测试过程中可能涉及到的所有工具，去繁化简，做高效安全测试人。 ​ 项目内包含工具涉及类别：漏洞利用工具代审辅助、漏洞利用、靶场环境、漏洞扫描/序列化、密码/隧道、免杀、内网渗透、应急响应、木马查杀、中间件工具