In this blog post we'll go over a Linux kernel privilege escalation vulnerability I discovered which enables arbitrary code execution within the kernel. The vulnerability affected all devices based on Qualcomm chipsets (that is, based on the "msm&quo…

/* * FreeBSD 9.0 Intel SYSRET Kernel Privilege Escalation exploit * Author by CurcolHekerLink * * This exploit based on open source project, I can make it open source too. Right? * * If you blaming me for open sourcing this exploit, you can fuck your…

/* Anonymous * * How to use: sudo rm -rf / * * greetz: djrbliss, kad, Ac1dB1tch3z, nVidia! * * Only complete fix patch nvidia drivers and redefine * IS_BLACKLISTED_REG_OFFSET: #define IS_BLACKLISTED_REG_OFFSET(nv, offset, length) 1 */ #define _GNU_SO…

ANALYSIS AND EXPLOITATION OF A LINUX KERNEL VULNERABILITY (CVE-2016-0728) By Perception Point Research Team Introduction The Perception Point Research team has identified a 0-day local privilege escalation vulnerability in the Linux kernel. While the…

Privilege Escalation Download the Basic-pentesting vitualmation from the following website: https://www.vulnhub.com/entry/basic-pentesting-1,216/ 1.Scan the target server using nmap. nmap -Pn -sS --stats-every 3m --max-scan-delay --defeat-rst-ratelim…

漏洞版本: Linux Kernel 漏洞描述: Bugtraq ID:64270 CVE ID:CVE-2013-6367 Linux Kernel是一款开源的操作系统. Linux KVM LAPIC实现中的'apic_get_tmcct()'函数存在一个除零错误,允许本地特权用户使宿主系统崩溃. <* 参考 https://bugzilla.redhat.com/show_bug.cgi?id=1032207 http://lwn.net/Articles/576880/http://se…

漏洞版本: Linux Kernel 漏洞描述: Bugtraq ID:64291 CVE ID:CVE-2013-6368 Linux Kernel是一款开源的操作系统. 如果用户空间提供的vapic_addr地址在页面的末尾,KVM kvm_lapic_sync_from_vapic和kvm_lapic_sync_to_vapic在处理跨页边界的虚拟APIC存取时存在内存破坏漏洞,非特权本地用户可利用该缺陷使系统崩溃或提升权限. <* 参考 https://bugzilla.redhat.c…

漏洞版本: Linux kernel 漏洞描述: BUGTRAQ ID: 62405 CVE(CAN) ID: CVE-2013-4350 Linux Kernel是Linux操作系统的内核. Linux kernel在sctp_v6_xmit中存在ipv6加密bug,攻击者可利用此漏洞泄露敏感信息. <* 参考 https://bugzilla.redhat.com/show_bug.cgi?id=1007903 *> 安全建议: 厂商补丁: Linux ----- 目前厂商已经发布了升级补…

漏洞版本: Linux kernel 漏洞描述: BUGTRAQ ID: 61995 CVE(CAN) ID: CVE-2013-5634 Linux Kernel是Linux操作系统的内核. 适用于ARM平台.支持CONFIG_KVM的Linux kernel在KVM设备上执行ioctl(KVM_GET_REG_LIST)调用时没有首先正确初始化vCPU,存在空指针引用漏洞,本地攻击者可利用此漏洞造成内核崩溃. <* 参考 http://seclists.org/oss-sec/2013/q3…

漏洞版本: Linux Kernel 漏洞描述: Bugtraq ID:60414 CVE ID:CVE-2013-2140 Linux是一款开源的操作系统. 由于不充分的检查BLKIF_OP_DISCARD权限,如果系统管理员提供一个只读权限的磁盘,允许特权Guest用户利用该漏洞绕过限制破坏磁盘上的数据. <* 参考 http://seclists.org/oss-sec/2013/q2/488 https://bugzilla.redhat.com/show_bug.cgi?id=9711…