The Openwall Linux kernel patch is a collection of security "hardening" features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction.
321c45b54888e1f1f3b5f3b329cb57cd720ab8e13802b768d29fb70e72c5e09184 bytes small Linux/x86 reverse TCP shellcode.
a9b8dde55f9a62b0ac5a12be1dac512db3965420f4d49dbeec8a6055fc68b62d39 bytes small Linux/x86 egghunter null-free shellcode. The egghunter dynamically searches memory for 2 instances of the egg. When the eggs are found, the egghunter passes execution control to the payload at the memory address of the eggs.
f15f64c0d4291382054a30e3697719a38ea41de5b89587531e1baff5818409e880 bytes small Linux/x86 reverse shell generator shellcode with customizable TCP port and IP address.
b6288f9069a67ab9a6e3d01fe3b23d7615e89b3fbb4002b6507be11140b269ff155 bytes small Linux/x86 shellcode that has a MMX stub decoder that dynamically decodes the payload in memory. The FPU GetPC technique is used to determine the offset from EIP dynamically in running memory. Once decoded. this shellcode adds the user 'ctl' with the password 'ctl' to the /etc/passwd file with the UID and GID of 0 (root). This shellcode uses legacy passwd functionality. Therefore the /etc/shadow file does not need to be accessed or modified.
d72edd6daaf006feaf82398a3b67d4281ff9258ee56eeaedca56c7d0ab3e4980107 bytes small Linux/x86 shellcode that adds the user 'ctl' with the password 'ctl' to the /etc/passwd file with the UID and GID of 0 (root). This shellcode uses legacy passwd functionality. Therefore the /etc/shadow file does not need to be accessed or modified.
e9483cceb2d45bc3e4c29c88655dc4a6e6bcedc432d98e81e5ab93618931183657 bytes small Linux/x64_86 /bin/bash shellcode. The stub decodes the ROL Encoded shellcode. When the stub has finished decoding the payload, execution control is passed to the payload.
0b2a9ee02c0b7d0258cad51519bebf538bc5adf11a6b79a09c2f9a31449092a763 bytes small Linux/x64_86 dynamic egghunter shellcode that searches memory for 2 instances of the egg. When the eggs are found, the egghunter passes execution control to the payload at the memory address of the eggs. The payload is an execve(/bin/bash) shellcode.
c3ff54b357a821a1566c2d7a70204024eb13af4cdf6c240a1725a87696156951This is a whitepaper providing a Linux kernel hacking introduction. Written in Korean.
70b905774f039dbf1b79d316a75a314dd09b5e5f02ba71bf7dc495772f69434cLinux kernel ldso_dynamic stack clash privilege escalation exploit. This affects Debian 9/10, Ubuntu 14.04.5/16.04.2/17.04, and Fedora 23/24/25.
019f1ce6374470fd5095849ce9301acb133a3679244b764940a7e40a80e999dfLinux kernel ldso_hwcap_64 stack clash privilege escalation exploit. This affects Debian 7.7/8.5/9.0, Ubuntu 14.04.2/16.04.2/17.04, Fedora 22/25, and CentOS 7.3.1611.
7c324e4c61aee597fae1e36e8fbd936e360099156578d347ef8a0c10d633cce6Linux kernel offset2lib stack clash exploit.
f1addfd343ecc2a4c4e2f9697900b6d0f23b685b668f34ffb4b54dd9fc0ac77fLinux kernel ldso_hwcap stack clash privilege escalation exploit. This affects Debian 7/8/9/10, Fedora 23/24/25, and CentOS 5.3/5.11/6.0/6.8/7.2.1511.
e3bc684fbe0cc5c683f1e0aa4b3c0294f9ee713b3f50398609a3d2677cd20406sudo version 1.8.20 and earlier is vulnerable to an input validation (embedded spaces) in the get_process_ttyname() function resulting in information disclosure and command execution.
ac65043996573ceeb614f1136d6a563af63993e3f685833845953860f65ca47fThis is a brief whitepaper that discusses various Linux kernel patches.
5334d65e04977552085549f202d6bb59ae90e69923984b89d09119c2bfb8472aThe Openwall Linux kernel patch is a collection of security hardening features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction.
cc066acc2ba98c60487220c98c8c2dd4f652f4416abb44caf310273947bc9d56The Openwall Linux kernel patch is a collection of security hardening features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction.
bd537e8cfd62c93c7b97d86560d13e889862b2c616cffca2fe13d5ca4981bc95The Openwall Linux kernel patch is a collection of security hardening features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction.
d218ae46a81a248e35dee10baea3e087404f8327ea92a0b2aee6adf48cad3ca6The Openwall Linux kernel patch is a collection of security hardening features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction.
b7b6877b1d7e4631f1bd26baae92087f511563b1a0c96034f9ac6c168a3ad3ddThe Openwall Linux kernel patch is a collection of security hardening features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction.
429ecf25108eac097002041ba29ce02930f25b5f18f372c6e0a6f5ef0eed3c7cThe Openwall Linux kernel patch is a collection of security hardening features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction.
0c25720b101ace36c2d6e8690e52d2db9f39acb3098ead4872c97e1417281062The Openwall Linux kernel patch is a collection of security hardening features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction.
74f0ef89d40cd7ce76ae136da44446c3bd5c8e59fbed96d4bf0d38dc3d879c93The Openwall Linux kernel patch is a collection of security hardening features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction.
d524c6272e03bae71b8cfb8b64310680e24c0e94d3d435156f2d5a6cd3b01580The Openwall Linux kernel patch is a collection of security hardening features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction.
1e8deb3be83198f6102ea2cfa87c324f6fa31399e90dffd2f0e3b56d0ac9ab6fThe Openwall Linux kernel patch is a collection of security hardening features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction.
aab37c053f58b678cec50513fa87f4675f274047294b84257b60d45390ab1d4aLinux kernel IPV6_Getsockopt_Sticky memory leak proof of concept exploit. This affects versions below 2.6.20.2.
cb48faf3bced1bda83f19c4186be79d120f5c8718b123839cbca7eedbbbac5dc
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed