
Files from Brad Spengler

Email address: spender at grsecurity.net
First Active: 2000-03-27
Last Active: 2014-03-12
Linux perf_swevent_init Privilege Escalation
Posted Mar 12, 2014
Authored by Brad Spengler, Sorbo

This is a ROP exploit variant of the perf_swevent_init local root exploit for the Linux kernel versions prior to 3.8.9 for x86_64.

tags | exploit, kernel, local, root
systems | linux
advisories | CVE-2013-2094
MD5 | e1430f6d2ca818b20a18208e482335a7
Linux Kernel MSR Driver Privilege Escalation
Posted Aug 4, 2013
Authored by Brad Spengler

Proof of concept exploit for the /dev/cpu/*/msr race condition that allows for privilege escalation in Linux kernels prior to 3.7.6.

tags | exploit, kernel, proof of concept
systems | linux
advisories | CVE-2013-0268
MD5 | fbb8c5cd4fa0a715a5bf61cb08e08e24
Linux Kernel Sendpage Local Privilege Escalation
Posted Jul 19, 2012
Authored by Brad Spengler, Ramon de C Valle, Tavis Ormandy, Julien Tinnes, egypt | Site metasploit.com

The Linux kernel failed to properly initialize some entries in the proto_ops struct for several protocols, leading to NULL being dereferenced and used as a function pointer. By using mmap(2) to map page 0, an attacker can execute arbitrary code in the context of the kernel. Several public exploits exist for this vulnerability, including spender's wunderbar_emporium and rcvalle's ppc port, sock_sendpage.c. All Linux 2.4/2.6 versions since May 2001 are believed to be affected: 2.4.4 up to and including 2.4.37.4; 2.6.0 up to and including 2.6.30.4.

tags | exploit, arbitrary, kernel, protocol, ppc
systems | linux
advisories | CVE-2009-2692
MD5 | 2592f40037078ac9737526c10644b4e9
Enlightenment Linux NULL Pointer Dereference Exploit Framework
Posted Sep 10, 2009
Authored by Brad Spengler

Enlightenment is an exploit framework that takes advantage of the Linux NULL pointer dereference vulnerability.

tags | exploit
systems | linux
MD5 | 6b08a0851dddde6eaf857e2e02d94231
Linux Kernel udp_sendmsg Local Root Exploit
Posted Sep 3, 2009
Authored by Brad Spengler

Linux 2.6 kernels prior to version 2.6.19 udp_sendmsg local root exploit for x86/x64.

tags | exploit, x86, kernel, local, root
systems | linux
advisories | CVE-2009-2698
MD5 | c28dd77ea09c1ddafb775cb8e53cb35e
Linux 2.x Kernel Local Root
Posted Aug 15, 2009
Authored by Brad Spengler

Linux 2.x kernel sock_sendpage() local root exploit. It works on 2.4, 2.6, x86, x64, 4k stacks, 8k stacks, with/without cred framework, bypasses mmap_min_addr in any public way possible (auto-detecting which method to use).

tags | exploit, x86, kernel, local, root
systems | linux
MD5 | 0db39d0131fc0666b3a101e1dc45a7d4
Linux 2.6.30+/SELinux/RHEL5 Local Root Exploit
Posted Jul 17, 2009
Authored by Brad Spengler

Linux 2.6.30+/SELinux/RHEL5 local root exploit. Works on both 32bit and 64bit kernels.

tags | exploit, kernel, local, root
systems | linux
MD5 | 3c1f32c8c2d4538788f1c5fc52b1a8a5
grsecurity-2.1.9-2.4.33.2-200608231938.patch.gz
Posted Aug 27, 2006
Authored by Brad Spengler | Site grsecurity.net

A new grsecurity patch has been released. It implements a detection/prevention/containment strategy. It prevents most forms of address space modification, confines programs via its Role-Based Access Control system, hardens syscalls, provides full-featured auditing, and implements many of the OpenBSD randomness features. It was written for performance, ease-of-use, and security. The RBAC system has an intelligent learning mode that can generate least privilege policies for the entire system with no configuration. All of grsecurity supports a feature that logs the IP of the attacker that causes an alert or audit.

systems | linux, openbsd
MD5 | de2c3d1c8733bafe8b9a7d4db0eccc82
grsecurity-2.1.8-2.6.14.6-200601211647.patch.gz
Posted Jan 27, 2006
Authored by Brad Spengler | Site grsecurity.net

A new grsecurity patch has been released for the 2.6.14.6 Linux kernel series. It implements a detection/prevention/containment strategy. It prevents most forms of address space modification, confines programs via its Role-Based Access Control system, hardens syscalls, provides full-featured auditing, and implements many of the OpenBSD randomness features. It was written for performance, ease-of-use, and security. The RBAC system has an intelligent learning mode that can generate least privilege policies for the entire system with no configuration. All of grsecurity supports a feature that logs the IP of the attacker that causes an alert or audit.

tags | kernel
systems | linux, openbsd
MD5 | 327972c2f4e8fab890f58d67bb69e77f
grsecurity-2.1.8-2.4.32-200601211647.patch.gz
Posted Jan 27, 2006
Authored by Brad Spengler | Site grsecurity.net

A new grsecurity patch has been released for the 2.4.32 Linux kernel series. It implements a detection/prevention/containment strategy. It prevents most forms of address space modification, confines programs via its Role-Based Access Control system, hardens syscalls, provides full-featured auditing, and implements many of the OpenBSD randomness features. It was written for performance, ease-of-use, and security. The RBAC system has an intelligent learning mode that can generate least privilege policies for the entire system with no configuration. All of grsecurity supports a feature that logs the IP of the attacker that causes an alert or audit.

tags | kernel
systems | linux, openbsd
MD5 | 77e5fd7d8bb0eeb8ed8e9d0a4bff5cde
systrace.txt
Posted Apr 7, 2004
Authored by Brad Spengler | Site grsecurity.net

Full detailed analysis and explanation of a systrace vulnerability that exists in various kernels. This problem was silently fixed in the Linux 2.4.24 kernel release without any real acknowledgment to the security community. Full exploit included.

tags | exploit, kernel
systems | linux
MD5 | 3ee4b2c23da5f70220f4d222dfec56c8
iptables.txt
Posted Feb 6, 2001
Authored by Brad Spengler

How to use Iptables - Explains the new features, how to use them, how to write rulesets, and includes a sample firewall script.

tags | paper
MD5 | 19d436b9ffb68b7a7ba5150f79f4b6a6
cisco.txt
Posted Jun 21, 2000
Authored by Brad Spengler

Enhancing network security through the use of inexpensive Cisco routers. Describes local router security, turning off the router's services, access-lists, DoS protection, and more.

tags | local
systems | cisco
MD5 | 23c3dea35661fb4db5d7b701089cffeb
Sysctl.sh
Posted Jun 19, 2000
Authored by Brad Spengler

Using the sysctl support in Linux to enhance a system's security against outside attacks. Includes a script to optimize these settings by echoing values to /proc/sys/net/ipv4/*, turning on kernel security features that lessen the effect of SYN floods and smurf attacks and enabling reverse-path source validation to add more protection against spoofed packets. Tested on Linux 2.2.x.

tags | kernel, spoof
systems | linux
MD5 | 489208bede266aac78116d80abaf9d01
ipchains.txt
Posted Jun 15, 2000
Authored by Brad Spengler

Linux Firewalling - Insights and Explanations. Covers basic IPchains firewall building, advanced IPchains firewalling, and Linux firewall related insights and recommendations on which traffic to allow.

tags | paper
systems | linux
MD5 | 7ff543a1e829f9edeb3ec8965ad7c2b4
datapool3.3.tar.gz
Posted May 13, 2000
Authored by Brad Spengler

Datapool v3.3 combines 106 DoS attacks into one script. This version actually learns by keeping a database of which attacks are successful against each host, so the next time it uses the most successful attack first. Features logging, port range specification, continuous attack option, multiple IP addresses, and looping attack of multiple IPs. Includes sources of almost all attacks used, many of which are edited for speed and greater effect.

Changes: An ICMP/UDP/SYN flooder scripted by the author, many new options, documentation updates. Simultaneous attacks were added, along with several line speed options.
tags | denial of service
MD5 | 12006213a1cade11a1a9bb56c03a1501
datapool2.1.tar.gz
Posted Apr 11, 2000
Authored by Brad Spengler

Datapool v2.1 combines 82 DoS attacks into one script. Features logging, port range specification, continuous attack option, multiple IP addresses, and looping attack of multiple IPs. Includes sources of almost all attacks used.

Changes: Added portless attacks, updated old school ascii, bug fixes.
tags | denial of service
MD5 | 4283ba60df4f5feffc4106bc6039ebd9
datapool2.0.tar.gz
Posted Mar 31, 2000
Authored by Brad Spengler

Datapool v2.0 combines 81 DoS attacks into one script. Features logging, port range specification, continuous attack option, multiple IP addresses, and looping attack of multiple IPs. Includes sources of almost all attacks used.

tags | denial of service
MD5 | ac3616494795b839e42104b55e0f4292
datapool1.0.tar.gz
Posted Mar 27, 2000
Authored by Brad Spengler

Datapool combines several DoS attacks in one shell script.

tags | denial of service, shell
MD5 | d78fcd89e18bdfcf71a01c2de2491aa6