accept no compromises
Showing 1 - 10 of 10 RSS Feed

Files from rebel

Email addressrebel at pulltheplug.org
First Active2005-12-27
Last Active2016-12-07
Linux Kernel 4.4.0 AF_PACKET Race Condition / Privilege Escalation
Posted Dec 7, 2016
Authored by rebel

Linux AF_PACKET race condition exploit for Ubuntu 16.04 x86_64.

tags | exploit
systems | linux, ubuntu
advisories | CVE-2016-8655
MD5 | 803c6124c3dfdcf405e4d99abc79f610
Overlayfs Privilege Escalation
Posted Nov 1, 2016
Authored by rebel, h00die | Site metasploit.com

This Metasploit module attempts to exploit two different CVEs (CVE-2015-1328 and CVE-2015-8660) related to overlayfs.

tags | exploit
advisories | CVE-2015-1328, CVE-2015-8660
MD5 | 062fc5f2b168ffa209bea59c96f17d8d
Linux Kernel 3.13.1 Recvmmsg Privilege Escalation
Posted Oct 10, 2016
Authored by rebel, h00die | Site metasploit.com

This Metasploit module attempts to exploit CVE-2014-0038, by sending a recvmmsg system call with a crafted timeout pointer parameter to gain root. This exploit has offsets for 3 Ubuntu 13 kernels built in: 3.8.0-19-generic (13.04 default) 3.11.0-12-generic (13.10 default) 3.11.0-15-generic (13.10) This exploit may take up to 13 minutes to run due to a decrementing (1/sec) pointer which starts at 0xff*3 (765 seconds)

tags | exploit, kernel, root
systems | linux, ubuntu
advisories | CVE-2014-0038
MD5 | f3b6c4e0beead8eebe4c182da3752bd8
Ubuntu 14.04 LTS / 15.10 overlayfs Local Root
Posted Jan 6, 2016
Authored by rebel

Ubuntu 14.04 LTS and 15.10 overlayfs local root exploit.

tags | exploit, local, root
systems | linux, ubuntu
advisories | CVE-2015-8660
MD5 | 14b74b60c34b10ab7d5e75aec6bb7526
RHEL 7.0 / 7.1 abrt / sosreport Local Root
Posted Dec 1, 2015
Authored by rebel

Local root exploit for Redhat Enterprise Linux versions 7.0 and 7.1 that leverages abrt/sosreport.

tags | exploit, local, root
systems | linux, redhat
advisories | CVE-2015-5287
MD5 | 330251c1a1a1d6bfa86f03f66619d5e3
CentOS 7.1 / Fedora 22 abrt Local Root
Posted Dec 1, 2015
Authored by rebel

CentOS version 7.1 and Fedora version 22 abrt local root exploit. It leverages abrt-hook-ccpp insecure open() usage and abrt-action-install-debuginfo insecure temp directory usage.

tags | exploit, local, root
systems | linux, fedora, centos
advisories | CVE-2015-5273, CVE-2015-5287
MD5 | 79c9b7449cca70e39882750ad21aaba8
Mac OS X 10.9.5 / 10.10.5 rsh/libmalloc Privilege Escalation
Posted Oct 27, 2015
Authored by rebel, shandelman116 | Site metasploit.com

This Metasploit module writes to the sudoers file without root access by exploiting rsh and malloc log files. Makes sudo require no password, giving access to su even if root is disabled. Works on OS X 10.9.5 to 10.10.5 (patched on 10.11).

tags | exploit, root
systems | apple, osx
advisories | CVE-2015-5889
MD5 | dc4258c8896b5eff92876ba20f531ffd
Ubuntu 12.04 / 14.04 / 14.10 / 15.04 overlayfs Local Root
Posted Jun 16, 2015
Authored by rebel

The overlayfs filesystem does not correctly check file permissions when creating new files in the upper filesystem directory. This can be exploited by an unprivileged process in kernels with CONFIG_USER_NS=y and where overlayfs has the FS_USERNS_MOUNT flag, which allows the mounting of overlayfs inside unprivileged mount namespaces. This is the default configuration of Ubuntu 12.04, 14.04, 14.10, and 15.04. Included is a full exploit demonstration root code execution.

tags | exploit, kernel, root, code execution
systems | linux, ubuntu
advisories | CVE-2015-1328
MD5 | b43aa9c1b8ce439422177d9eeeeba46c
Linux 3.4+ CONFIG_X86_X32=y Local Root
Posted Feb 3, 2014
Authored by rebel

Linux 3.4+ local root exploit that spawns a root shell leveraging CONFIG_X86_X32=y.

tags | exploit, shell, local, root
systems | linux
advisories | CVE-2014-0038
MD5 | 579c20483c9aacc4471bafa7285daeb0
phalanx-b6.tar.bz2
Posted Dec 27, 2005
Authored by rebel

Phalanx is a self-injecting kernel rootkit designed for the Linux 2.6 branch that does not use the now-disabled /dev/kmem device. Features include file hiding, process hiding, socket hiding, a tty sniffer, a tty connectback-backdoor, and auto injection on boot.

tags | tool, kernel, rootkit
systems | linux, unix
MD5 | 3d0ef3793579cd846e43a034d147ecd0
Page 1 of 1
Back1Next

File Archive:

October 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    15 Files
  • 2
    Oct 2nd
    16 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    11 Files
  • 6
    Oct 6th
    6 Files
  • 7
    Oct 7th
    2 Files
  • 8
    Oct 8th
    1 Files
  • 9
    Oct 9th
    13 Files
  • 10
    Oct 10th
    16 Files
  • 11
    Oct 11th
    15 Files
  • 12
    Oct 12th
    23 Files
  • 13
    Oct 13th
    13 Files
  • 14
    Oct 14th
    12 Files
  • 15
    Oct 15th
    2 Files
  • 16
    Oct 16th
    16 Files
  • 17
    Oct 17th
    16 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close