Linux kernel 3.x - 5.x XFRM UAF PoC
A PoC for the kernel vulnerability (CVE-2019-15666, Ubuntu / CentOS / RHEL) that was reported last year. CentOS was the last distribution to patch the bug, in January 2020.
CVE-2019-15666:
https://duasynt.com/blog/ubuntu-centos-redhat-privesc
The technical report:
https://duasynt.com/pub/vnik/01-0311-2018.pdf
POC:
https://github.com/duasynt/xfrm_poc
#re #expdev #linux #kernel #cve #darw1n
CVE-2019-15666 Ubuntu / CentOS / RHEL Linux Kernel 4.4 - 4.18 privilege escalation - Vitaly Nikolenko
Ubuntu 18.04 16.04 14.04 / CentOS 8 / RHEL 8 kernel local privilege escalation
Materials from security track of FOSDEM 2020 were published (video, slides) https://fosdem.org/2020/schedule/track/security/ #linux #conference #fosdem #dukeBarman
Procmon is a Linux reimagining of the classic Procmon tool from the Sysinternals suite of tools for Windows https://github.com/microsoft/ProcMon-for-Linux #linux #dukeBarman
Enumy - Linux post exploitation privilege escalation enumeration https://github.com/luke-goddard/enumy #links #linux #ctf #exploitation
Dealing with Manipulated ELF Binary and Manually Resolving Import Functions
https://forum.reverse4you.org/t/dealing-with-manipulated-elf-binary-and-manually-resolving-import-functions/11842
#reverse #linux #import #reconstruct #elf #antidebug #crackme #writeup #darw1n
Source: github.com/jeffli678. This is a writeup about solving BinaryNewbie's Tr1cky Cr4ckm3. It was created by user BinaryNewbie, who is NOT a newbie at binary reversing. It can be downloaded at: Crackmes 5e727daa33c5d4439bb2decd.zip (6.0 KB). We…
Linux Kernel Adventures: Reversing and Exploiting a Linux Driver https://media.handmade-seattle.com/linux-kernel-adventures/ #exploitation #linux
Open Source Security Foundation (OpenSSF): Reflection and Future https://www.linuxfoundation.org/en/blog/openssf-reflection-and-future/ #security #linux #dukeBarman
KOPYCAT - Linux Kernel module-less implant (backdoor) https://github.com/milabs/kopycat #linux #exploitation
CVE-2021-27365: Linux kernel LPE Exploit. Now with symbols for the latest RHEL8 kernel. Get it while it's still an 0day!
Github: https://github.com/grimm-co/NotQuite0DayFriday/tree/trunk/2021.03.12-linux-iscsi
The following report discloses three distinct vulnerabilities discovered by GRIMM while researching the Linux kernel. The first vulnerability is a heap buffer overflow, the second is a kernel pointer leak, and the third is an out-of-bounds kernel memory read. All three vulnerabilities are associated with the iSCSI subsystem.
Article: https://blog.grimm-co.com/2021/03/new-old-bugs-in-linux-kernel.html?m=1
#reverse #lpe #heap #bof #expdev #linux #darw1n
NotQuite0DayFriday/2021.03.12-linux-iscsi at trunk · grimm-co/NotQuite0DayFriday
This is a repo which documents real bugs in real software to illustrate trends, learn how to prevent or find them more quickly. - grimm-co/NotQuite0DayFriday
BleedingTooth: Linux Bluetooth Zero-Click Remote Code Execution https://google.github.io/security-research/pocs/linux/bleedingtooth/writeup.html #exploitation #linux #dukeBarman
A foray into Linux kernel exploitation on Android https://mcyoloswagham.github.io/linux/ #exploitation #android #linux #dukeBarman
In November of 2020, I decided to dive into the world of Android, more specifically the Linux kernel. I did this because earlier in the year, around February, I broke my old phone during a skiing trip and hastily bought a cheap Android phone, the Alcatel…
A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.
https://github.com/h3xduck/TripleCross
#rootkit #redteam #linux #kernel #Aligner
Analyzing a Modern In-the-wild Android Exploit
https://googleprojectzero.blogspot.com/2023/09/analyzing-modern-in-wild-android-exploit.html
#expdev #android #linux
By Seth Jenkins, Project Zero. Introduction. In December 2022, Google's Threat Analysis Group (TAG) discovered an in-the-wild exploit chain targeting Samsu...
Local Privilege Escalation in the glibc's ld.so (CVE-2023-4911)
https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt
POC: https://github.com/leesh3288/CVE-2023-4911
#expdev #linux #lpe #Alexs3y