exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 100 RSS Feed

Files

linux-2.2.21-ow2.tar.gz
Posted Sep 11, 2002
Authored by Solar Designer | Site openwall.com

The Openwall Linux kernel patch is a collection of security "hardening" features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction.

Changes: Added many security fixes for issues with the Linux kernel.
tags | overflow, kernel
systems | linux
SHA-256 | 2fa57b89ffa2eef96ee4b1b9421edd13132dc79a66c380fdf318c75b0f15be97

Related Files

Linux/x86 Reverse TCP Shellcode
Posted Aug 24, 2020
Authored by Xenofon Vassilakopoulos

84 bytes small Linux/x86 reverse TCP shellcode.

tags | x86, tcp, shellcode
systems | linux
SHA-256 | a9b8dde55f9a62b0ac5a12be1dac512db3965420f4d49dbeec8a6055fc68b62d
Linux/x86 Egghunter Shellcode
Posted Apr 24, 2020
Authored by Bobby Cooke

39 bytes small Linux/x86 egghunter null-free shellcode. The egghunter dynamically searches memory for 2 instances of the egg. When the eggs are found, the egghunter passes execution control to the payload at the memory address of the eggs.

tags | x86, shellcode
systems | linux
SHA-256 | f15f64c0d4291382054a30e3697719a38ea41de5b89587531e1baff5818409e8
Linux/x86 Reverse Shell Generator Shellcode
Posted Apr 24, 2020
Authored by Bobby Cooke

80 bytes small Linux/x86 reverse shell generator shellcode with customizable TCP port and IP address.

tags | shell, x86, tcp, shellcode
systems | linux
SHA-256 | b6288f9069a67ab9a6e3d01fe3b23d7615e89b3fbb4002b6507be11140b269ff
Linux/x86 Dynamic MMX+FPU Encoded Add Root User Shellcode
Posted Apr 24, 2020
Authored by Bobby Cooke

155 bytes small Linux/x86 shellcode that has a MMX stub decoder that dynamically decodes the payload in memory. The FPU GetPC technique is used to determine the offset from EIP dynamically in running memory. Once decoded. this shellcode adds the user 'ctl' with the password 'ctl' to the /etc/passwd file with the UID and GID of 0 (root). This shellcode uses legacy passwd functionality. Therefore the /etc/shadow file does not need to be accessed or modified.

tags | x86, root, shellcode
systems | linux
SHA-256 | d72edd6daaf006feaf82398a3b67d4281ff9258ee56eeaedca56c7d0ab3e4980
Linux/x86 Add Root User Shellcode
Posted Apr 24, 2020
Authored by Bobby Cooke

107 bytes small Linux/x86 shellcode that adds the user 'ctl' with the password 'ctl' to the /etc/passwd file with the UID and GID of 0 (root). This shellcode uses legacy passwd functionality. Therefore the /etc/shadow file does not need to be accessed or modified.

tags | x86, root, shellcode
systems | linux
SHA-256 | e9483cceb2d45bc3e4c29c88655dc4a6e6bcedc432d98e81e5ab936189311836
Linux/x64_86 ROL Encoded Execve Shellcode
Posted Apr 24, 2020
Authored by Bobby Cooke

57 bytes small Linux/x64_86 /bin/bash shellcode. The stub decodes the ROL Encoded shellcode. When the stub has finished decoding the payload, execution control is passed to the payload.

tags | shellcode, bash
systems | linux
SHA-256 | 0b2a9ee02c0b7d0258cad51519bebf538bc5adf11a6b79a09c2f9a31449092a7
Linux/x64_86 Egghunter Execve Shellcode
Posted Apr 24, 2020
Authored by Bobby Cooke

63 bytes small Linux/x64_86 dynamic egghunter shellcode that searches memory for 2 instances of the egg. When the eggs are found, the egghunter passes execution control to the payload at the memory address of the eggs. The payload is an execve(/bin/bash) shellcode.

tags | shellcode, bash
systems | linux
SHA-256 | c3ff54b357a821a1566c2d7a70204024eb13af4cdf6c240a1725a87696156951
Linux Kernel Vulnerability Exploitation
Posted Mar 22, 2018
Authored by x90c

This is a whitepaper providing a Linux kernel hacking introduction. Written in Korean.

tags | paper, kernel
systems | linux
SHA-256 | 70b905774f039dbf1b79d316a75a314dd09b5e5f02ba71bf7dc495772f69434c
Linux Kernel ldso_dynamic Stack Clash Privilege Escalation
Posted Jun 30, 2017
Site qualys.com

Linux kernel ldso_dynamic stack clash privilege escalation exploit. This affects Debian 9/10, Ubuntu 14.04.5/16.04.2/17.04, and Fedora 23/24/25.

tags | exploit, kernel
systems | linux, debian, fedora, ubuntu
advisories | CVE-2017-1000366, CVE-2017-1000371
SHA-256 | 019f1ce6374470fd5095849ce9301acb133a3679244b764940a7e40a80e999df
Linux Kernel ldso_hwcap_64 Stack Clash Privilege Escalation
Posted Jun 30, 2017
Site qualys.com

Linux kernel ldso_hwcap_64 stack clash privilege escalation exploit. This affects Debian 7.7/8.5/9.0, Ubuntu 14.04.2/16.04.2/17.04, Fedora 22/25, and CentOS 7.3.1611.

tags | exploit, kernel
systems | linux, debian, fedora, ubuntu, centos
advisories | CVE-2017-1000366, CVE-2017-1000379
SHA-256 | 7c324e4c61aee597fae1e36e8fbd936e360099156578d347ef8a0c10d633cce6
Linux Kernel offset2lib Stack Clash
Posted Jun 30, 2017
Site qualys.com

Linux kernel offset2lib stack clash exploit.

tags | exploit, kernel
systems | linux
advisories | CVE-2017-1000370, CVE-2017-1000371
SHA-256 | f1addfd343ecc2a4c4e2f9697900b6d0f23b685b668f34ffb4b54dd9fc0ac77f
Linux Kernel ldso_hwcap Stack Clash Privilege Escalation
Posted Jun 29, 2017
Site qualys.com

Linux kernel ldso_hwcap stack clash privilege escalation exploit. This affects Debian 7/8/9/10, Fedora 23/24/25, and CentOS 5.3/5.11/6.0/6.8/7.2.1511.

tags | exploit, kernel
systems | linux, debian, fedora, centos
advisories | CVE-2017-1000366, CVE-2017-1000370
SHA-256 | e3bc684fbe0cc5c683f1e0aa4b3c0294f9ee713b3f50398609a3d2677cd20406
Sudo get_process_ttyname() For Linux Stack Clash
Posted Jun 20, 2017
Site qualys.com

sudo version 1.8.20 and earlier is vulnerable to an input validation (embedded spaces) in the get_process_ttyname() function resulting in information disclosure and command execution.

tags | exploit, info disclosure
advisories | CVE-2017-1000367
SHA-256 | ac65043996573ceeb614f1136d6a563af63993e3f685833845953860f65ca47f
Linux Kernel Patches
Posted Oct 14, 2013
Authored by x90c

This is a brief whitepaper that discusses various Linux kernel patches.

tags | paper, kernel
systems | linux
SHA-256 | 5334d65e04977552085549f202d6bb59ae90e69923984b89d09119c2bfb8472a
Openwall Linux Kernel Patch 2.4.37.9
Posted Feb 20, 2010
Authored by Solar Designer | Site openwall.com

The Openwall Linux kernel patch is a collection of security hardening features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction.

Changes: The patch has been updated to Linux 2.4.37.9. A post-2.4.37.9 upstream fix for FAT filesystems has been added. The FAQ has been updated.
tags | overflow, kernel
systems | linux
SHA-256 | cc066acc2ba98c60487220c98c8c2dd4f652f4416abb44caf310273947bc9d56
Openwall Linux Kernel Patch 2.4.37.7-ow1
Posted Nov 18, 2009
Authored by Solar Designer | Site openwall.com

The Openwall Linux kernel patch is a collection of security hardening features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction.

Changes: The patch has been updated to Linux 2.4.37.7.
tags | overflow, kernel
systems | linux
SHA-256 | bd537e8cfd62c93c7b97d86560d13e889862b2c616cffca2fe13d5ca4981bc95
Openwall Linux Kernel Patch 2.4.37.6
Posted Oct 26, 2009
Authored by Solar Designer | Site openwall.com

The Openwall Linux kernel patch is a collection of security hardening features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction.

Changes: The patch has been updated to Linux 2.4.37.6. A fix for a typographical error in one of the information leak fixes included into 2.4.37.6 has been added.
tags | overflow, kernel
systems | linux
SHA-256 | d218ae46a81a248e35dee10baea3e087404f8327ea92a0b2aee6adf48cad3ca6
Openwall Linux Kernel Patch
Posted Aug 23, 2009
Authored by Solar Designer | Site openwall.com

The Openwall Linux kernel patch is a collection of security hardening features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction.

Changes: Besides being an update to the 2.4.37.5 kernel release, this revision of the patch adds a fix for the sigaltstack local information leak affecting 64-bit kernel builds.)
tags | overflow, kernel
systems | linux
advisories | CVE-2009-2847
SHA-256 | b7b6877b1d7e4631f1bd26baae92087f511563b1a0c96034f9ac6c168a3ad3dd
Openwall Linux Kernel Patch
Posted Aug 5, 2009
Authored by Solar Designer | Site openwall.com

The Openwall Linux kernel patch is a collection of security hardening features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction.

Changes: The patch has been updated to Linux 2.4.37.4, which integrates a replacement for the "personality" hardening measure introduced in 2.4.37.3-ow1.
tags | overflow, kernel
systems | linux
SHA-256 | 429ecf25108eac097002041ba29ce02930f25b5f18f372c6e0a6f5ef0eed3c7c
Openwall Linux Kernel Patch
Posted Jul 20, 2009
Authored by Solar Designer | Site openwall.com

The Openwall Linux kernel patch is a collection of security hardening features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction.

Changes: Besides being an update to the 2.4.37.3 kernel release, this revision of the patch introduces an additional security hardening measure where the kernel would no longer allow the "personality" feature (which is needed to support some program binaries from other operating systems) to be abused to bypass the vm.mmap_min_addr restriction via SUID-root programs with a certain class of design errors in them.
tags | overflow, kernel
systems | linux
SHA-256 | 0c25720b101ace36c2d6e8690e52d2db9f39acb3098ead4872c97e1417281062
Openwall Linux Kernel Patch
Posted Jul 7, 2009
Authored by Solar Designer | Site openwall.com

The Openwall Linux kernel patch is a collection of security hardening features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction.

Changes: This release was updated to Linux 2.4.37.2.
tags | overflow, kernel
systems | linux
SHA-256 | 74f0ef89d40cd7ce76ae136da44446c3bd5c8e59fbed96d4bf0d38dc3d879c93
Openwall Linux Kernel Patch
Posted May 25, 2009
Authored by Solar Designer | Site openwall.com

The Openwall Linux kernel patch is a collection of security hardening features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction.

Changes: This release was updated to Linux 2.4.37.1. Functionality of the CONFIG_HARDEN_PAGE0 feature has been revised to apply on top of the vm.mmap_min_addr sysctl introduced in mainstream 2.4 kernels, and the documentation has been revised accordingly.
tags | overflow, kernel
systems | linux
SHA-256 | d524c6272e03bae71b8cfb8b64310680e24c0e94d3d435156f2d5a6cd3b01580
Openwall Linux Kernel Patch
Posted Aug 15, 2007
Authored by Solar Designer | Site openwall.com

The Openwall Linux kernel patch is a collection of security hardening features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction.

tags | overflow, kernel
systems | linux
SHA-256 | 1e8deb3be83198f6102ea2cfa87c324f6fa31399e90dffd2f0e3b56d0ac9ab6f
Openwall Linux Kernel Patch
Posted Aug 9, 2007
Authored by Solar Designer | Site openwall.com

The Openwall Linux kernel patch is a collection of security hardening features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction.

tags | overflow, kernel
systems | linux
SHA-256 | aab37c053f58b678cec50513fa87f4675f274047294b84257b60d45390ab1d4a
linux-26202.txt
Posted Jul 11, 2007
Authored by dreyer

Linux kernel IPV6_Getsockopt_Sticky memory leak proof of concept exploit. This affects versions below 2.6.20.2.

tags | exploit, kernel, proof of concept, memory leak
systems | linux
advisories | CVE-2007-1000
SHA-256 | cb48faf3bced1bda83f19c4186be79d120f5c8718b123839cbca7eedbbbac5dc
Page 1 of 4
Back1234Next

File Archive:

February 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    11 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    5 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    0 Files
  • 6
    Feb 6th
    0 Files
  • 7
    Feb 7th
    0 Files
  • 8
    Feb 8th
    0 Files
  • 9
    Feb 9th
    0 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    0 Files
  • 13
    Feb 13th
    0 Files
  • 14
    Feb 14th
    0 Files
  • 15
    Feb 15th
    0 Files
  • 16
    Feb 16th
    0 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close