Twenty Year Anniversary
Showing 1 - 7 of 7 RSS Feed

Files from Andrey Konovalov

First Active2017-02-27
Last Active2018-08-09
Linux Kernel 4.14.7 (Ubuntu 16.04 / CentOS 7) Arbitrary File Read
Posted Aug 9, 2018
Authored by Andrey Konovalov

Linux Kernel version 4.14.7 (Ubuntu 16.04 / CentOS 7) arbitrary file read exploit with KASLR and SMEP bypass.

tags | exploit, arbitrary, kernel
systems | linux, ubuntu, centos
advisories | CVE-2017-18344
MD5 | 3979f56d7a233c067dd58ea0b8242822
Linux Kernel UDP Fragmentation Offset (UFO) Privilege Escalation
Posted Aug 3, 2018
Authored by h00die, Brendan Coles, Andrey Konovalov | Site metasploit.com

This Metasploit module attempts to gain root privileges on Linux systems by abusing UDP Fragmentation Offload (UFO). This exploit targets only systems using Ubuntu (Trusty / Xenial) kernels 4.4.0-21 <= 4.4.0-89 and 4.8.0-34 <= 4.8.0-58, including Linux distros based on Ubuntu, such as Linux Mint. The target system must have unprivileged user namespaces enabled and SMAP disabled. Bypasses for SMEP and KASLR are included. Failed exploitation may crash the kernel. This Metasploit module has been tested successfully on various Ubuntu and Linux Mint systems, including: Ubuntu 14.04.5 4.4.0-31-generic x64 Desktop; Ubuntu 16.04 4.8.0-53-generic; Linux Mint 17.3 4.4.0-89-generic; Linux Mint 18 4.8.0-58-generic

tags | exploit, kernel, root, udp
systems | linux, ubuntu
advisories | CVE-2017-1000112
MD5 | 365cc8e31e8378f416a359810066fcda
AF_PACKET packet_set_ring Privilege Escalation
Posted May 17, 2018
Authored by Brendan Coles, Andrey Konovalov | Site metasploit.com

This Metasploit module exploits a heap-out-of-bounds write in the packet_set_ring function in net/packet/af_packet.c (AF_PACKET) in the Linux kernel to execute code as root (CVE-2017-7308). The bug was initially introduced in 2011 and patched in version 4.10.6, potentially affecting a large number of kernels; however this exploit targets only systems using Ubuntu Xenial kernels 4.8.0 < 4.8.0-46, including Linux distros based on Ubuntu Xenial, such as Linux Mint. The target system must have unprivileged user namespaces enabled and two or more CPU cores. Bypasses for SMEP, SMAP and KASLR are included. Failed exploitation may crash the kernel. This Metasploit module has been tested successfully on Linux Mint 18 (x86_64) with kernel versions: 4.8.0-34-generic; 4.8.0-36-generic; 4.8.0-39-generic; 4.8.0-41-generic; 4.8.0-42-generic; 4.8.0-44-generic; 4.8.0-45-generic.

tags | exploit, kernel, root
systems | linux, ubuntu
advisories | CVE-2017-7308
MD5 | 619464075778b62a92b3753066e120ba
Linux Kernel 3.x usb-midi Local Privilege Escalation
Posted May 12, 2017
Authored by Andrey Konovalov

Linux kernel version 3.x (Ubuntu 14.04 / Mint 17.3 / Fedora 22) double-free usb-midi SMEP local privilege escalation exploit.

tags | exploit, kernel, local
systems | linux, fedora, ubuntu
advisories | CVE-2016-2384
MD5 | f382e3185fa8fec2539033c515f5feaf
Linux Kernel SO_SNDBUFFORCE / SO_RCVBUFFORCE Local Privilege Escalation
Posted May 12, 2017
Authored by Andrey Konovalov

Linux kernel versions 3.11 through 4.8 O_SNDBUFFORCE and SO_RCVBUFFORCE local privilege escalation exploit.

tags | exploit, kernel, local
systems | linux
advisories | CVE-2016-9793
MD5 | 8d69f53f0ff00c6c5d4b833c534a4aee
Linux Kernel 4.4.0 Ubuntu DCCP Double-Free Crash
Posted Feb 27, 2017
Authored by Andrey Konovalov

Linux kernel version 4.4.0 (Ubuntu) DCCP double-free crash denial of service proof of concept exploit.

tags | exploit, denial of service, kernel, proof of concept
systems | linux, ubuntu
advisories | CVE-2017-6074
MD5 | 64869a56d09161f6df97f86638c06fe9
Linux Kernel 4.4.0 Ubuntu DCCP Double-Free Privilege Escalation
Posted Feb 27, 2017
Authored by Andrey Konovalov

Linux Kernel version 4.4.0 (Ubuntu) DCCP double-free privilege escalation exploit that includes a semi-reliable SMAP/SMEP bypass.

tags | exploit, kernel
systems | linux, ubuntu
advisories | CVE-2017-6074
MD5 | 4b57202cbe11e092d2eff65de8f63620
Page 1 of 1
Back1Next

File Archive:

November 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    10 Files
  • 2
    Nov 2nd
    15 Files
  • 3
    Nov 3rd
    2 Files
  • 4
    Nov 4th
    2 Files
  • 5
    Nov 5th
    32 Files
  • 6
    Nov 6th
    27 Files
  • 7
    Nov 7th
    8 Files
  • 8
    Nov 8th
    9 Files
  • 9
    Nov 9th
    17 Files
  • 10
    Nov 10th
    2 Files
  • 11
    Nov 11th
    2 Files
  • 12
    Nov 12th
    33 Files
  • 13
    Nov 13th
    29 Files
  • 14
    Nov 14th
    23 Files
  • 15
    Nov 15th
    45 Files
  • 16
    Nov 16th
    11 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close