Exploit the possiblities
Showing 1 - 10 of 10 RSS Feed

Files from rebel

Email addressrebel at pulltheplug.org
First Active2005-12-27
Last Active2016-12-07
Linux Kernel 4.4.0 AF_PACKET Race Condition / Privilege Escalation
Posted Dec 7, 2016
Authored by rebel

Linux AF_PACKET race condition exploit for Ubuntu 16.04 x86_64.

tags | exploit
systems | linux, ubuntu
advisories | CVE-2016-8655
MD5 | 803c6124c3dfdcf405e4d99abc79f610
Overlayfs Privilege Escalation
Posted Nov 1, 2016
Authored by rebel, h00die | Site metasploit.com

This Metasploit module attempts to exploit two different CVEs (CVE-2015-1328 and CVE-2015-8660) related to overlayfs.

tags | exploit
advisories | CVE-2015-1328, CVE-2015-8660
MD5 | 062fc5f2b168ffa209bea59c96f17d8d
Linux Kernel 3.13.1 Recvmmsg Privilege Escalation
Posted Oct 10, 2016
Authored by rebel, h00die | Site metasploit.com

This Metasploit module attempts to exploit CVE-2014-0038, by sending a recvmmsg system call with a crafted timeout pointer parameter to gain root. This exploit has offsets for 3 Ubuntu 13 kernels built in: 3.8.0-19-generic (13.04 default) 3.11.0-12-generic (13.10 default) 3.11.0-15-generic (13.10) This exploit may take up to 13 minutes to run due to a decrementing (1/sec) pointer which starts at 0xff*3 (765 seconds)

tags | exploit, kernel, root
systems | linux, ubuntu
advisories | CVE-2014-0038
MD5 | f3b6c4e0beead8eebe4c182da3752bd8
Ubuntu 14.04 LTS / 15.10 overlayfs Local Root
Posted Jan 6, 2016
Authored by rebel

Ubuntu 14.04 LTS and 15.10 overlayfs local root exploit.

tags | exploit, local, root
systems | linux, ubuntu
advisories | CVE-2015-8660
MD5 | 14b74b60c34b10ab7d5e75aec6bb7526
RHEL 7.0 / 7.1 abrt / sosreport Local Root
Posted Dec 1, 2015
Authored by rebel

Local root exploit for Redhat Enterprise Linux versions 7.0 and 7.1 that leverages abrt/sosreport.

tags | exploit, local, root
systems | linux, redhat
advisories | CVE-2015-5287
MD5 | 330251c1a1a1d6bfa86f03f66619d5e3
CentOS 7.1 / Fedora 22 abrt Local Root
Posted Dec 1, 2015
Authored by rebel

CentOS version 7.1 and Fedora version 22 abrt local root exploit. It leverages abrt-hook-ccpp insecure open() usage and abrt-action-install-debuginfo insecure temp directory usage.

tags | exploit, local, root
systems | linux, fedora, centos
advisories | CVE-2015-5273, CVE-2015-5287
MD5 | 79c9b7449cca70e39882750ad21aaba8
Mac OS X 10.9.5 / 10.10.5 rsh/libmalloc Privilege Escalation
Posted Oct 27, 2015
Authored by rebel, shandelman116 | Site metasploit.com

This Metasploit module writes to the sudoers file without root access by exploiting rsh and malloc log files. Makes sudo require no password, giving access to su even if root is disabled. Works on OS X 10.9.5 to 10.10.5 (patched on 10.11).

tags | exploit, root
systems | apple, osx
advisories | CVE-2015-5889
MD5 | dc4258c8896b5eff92876ba20f531ffd
Ubuntu 12.04 / 14.04 / 14.10 / 15.04 overlayfs Local Root
Posted Jun 16, 2015
Authored by rebel

The overlayfs filesystem does not correctly check file permissions when creating new files in the upper filesystem directory. This can be exploited by an unprivileged process in kernels with CONFIG_USER_NS=y and where overlayfs has the FS_USERNS_MOUNT flag, which allows the mounting of overlayfs inside unprivileged mount namespaces. This is the default configuration of Ubuntu 12.04, 14.04, 14.10, and 15.04. Included is a full exploit demonstration root code execution.

tags | exploit, kernel, root, code execution
systems | linux, ubuntu
advisories | CVE-2015-1328
MD5 | b43aa9c1b8ce439422177d9eeeeba46c
Linux 3.4+ CONFIG_X86_X32=y Local Root
Posted Feb 3, 2014
Authored by rebel

Linux 3.4+ local root exploit that spawns a root shell leveraging CONFIG_X86_X32=y.

tags | exploit, shell, local, root
systems | linux
advisories | CVE-2014-0038
MD5 | 579c20483c9aacc4471bafa7285daeb0
phalanx-b6.tar.bz2
Posted Dec 27, 2005
Authored by rebel

Phalanx is a self-injecting kernel rootkit designed for the Linux 2.6 branch that does not use the now-disabled /dev/kmem device. Features include file hiding, process hiding, socket hiding, a tty sniffer, a tty connectback-backdoor, and auto injection on boot.

tags | tool, kernel, rootkit
systems | linux, unix
MD5 | 3d0ef3793579cd846e43a034d147ecd0
Page 1 of 1
Back1Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    41 Files
  • 12
    Dec 12th
    42 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close