Proof of concept exploit that demonstrates a bug that can be used to escape the Chrome sandbox from a compromised renderer. Two exploits are included, one for the 64 bit version 90.0.4430.91 and the other is for the 32 bit version 88.0.4324.181. The build configs are in the corresponding sub directories.
6f9069e00ff5656306f2637f1524304a8b31f78226021e7cf37a36cd64d05030Proof of concept exploit for a command injection vulnerability in the CImg library. The vulnerability was fixed in version 2.3.4.
6ef5d7dcb85c308d39aa850e6468244ceb1dac7d7125ea9aa8dd53e5b5db5a01Apache Struts remote code execution proof of concept exploit that affects versions prior to 2.3.35 and 2.5.17.
378f12002cded8ad65b82350acd98b42b3b0fa65d697cfb00d3661569e72472fProof of concept code that exploits three bugs that can be used to gain arbitrary kernel code execution, read and write from the untrusted app domain. Kernel code is executed in the context of the root user and the exploit also disable SELinux. The exploit is tested on Samsung Galaxy A71 with firmware version A715FXXU3BUB5, Baseband A715FXXU3BUB4 and Kernel version 4.14.190-20973144.
d7fb13a8e212690bea66fdff3ce4d52d05a239e824796af7a580b4f67ac5a57dProof of concept exploit for an information leak vulnerability in the Qualcomm Adreno GPU. The bug can be used to leak information in other user apps, as well as in the kernel from an untrusted app. The directory adreno_user contains a proof-of-concept for leaking memory from other applications. It will repeatedly trigger the bug and read the stale information contained in memory pages.
14a7bc813fbfd5b0814582d935ba39c5649faf3bc3609e054c88db47e4159c41Qualcomm kgsl driver use-after-free proof of concept exploit. The bug can be used to gain arbitrary kernel memory read and write from the untrusted app domain, which is then used to disable SELinux and gain root. The exploit is tested on the Samsung Galaxy Z Flip 3 (European version SM-F711B) with firmware version F711BXXS2BUL6, Baseband F711BXXU2BUL4 and Kernel version 5.4.86-qgki-23063627-abF711BXXS2BUL6 (EUX region).
013038a08c172f14d7c3c6abb8e3556978d9037f5c5e575225e2ff3cf63e5655Qualcomm kgsel driver proof of concept use-after-free exploit. The bug can be used to gain arbitrary kernel code execution, read and write from the untrusted app domain. The exploit is tested on Samsung Galaxy A71 with firmware version A715FXXU3ATJ2, Baseband A715FXXU3ATI5 and Kernel version 4.14.117-19828683.
b38ccffb8c90b392f46848fba04831d2ef7063a8f36bb2c4835fd662f0d5379eProof of concept exploit for Android on Arm Mali GPU with a kernel driver bug that can be used to gain arbitrary kernel code execution from the untrusted app domain, which is then used to disable SELinux and gain root. The exploit is tested on the Google Pixel 6 with the November 2022 and January 2023 patch.
1c81e6cc4abcfe0ecb1417d1ee980963d887a2109472ab157bbd2c2fa62921efProof of concept exploit for the Arm Mali GPU that can be used to gain arbitrary kernel code execution from the untrusted app domain, which is then used to disable SELinux and gain root. The exploit is tested on the Google Pixel 6. The original exploit that was sent to Google is included as hello-jni.c as a reference and was tested on the July 2022 patch of the Pixel 6. Due to the fact that Pixel 6 cannot be downgraded from Android 13 to Android 12, an updated version of the exploit, mali_shrinker_mmap.c is included, which supports various firmware in Android 13, including the December patch, which is the latest affected version.
bc50f9e9f9fe69b36613124dc79ca07e6c6523713f3c1192a6204b4ec7783f2cProof of concept exploit for a memory corruption vulnerability in the Arm Mali GPU kernel driver that was reported in January of 2022. The bug can be used to gain arbitrary kernel code execution from the untrusted app domain, which is then used to disable SELinux and gain root. The exploit is tested on the Google Pixel 6 and supports patch levels from November 2021 to February 2022. It is easy to add support for other firmware by changing a few image offsets.
66eea2398301c881c76dc1359392bb4e7585bacb1998c8e4de619ba964588857Proof of concept exploit for GHSL-2023-005. A security patch from the upstream Arm Mali driver somehow got missed out in the update for the Pixel phones and was reported to Google in January 2023. The bug can be used to gain arbitrary kernel code execution from the untrusted app domain, which is then used to disable SELinux and gain root. The exploit is tested on the Google Pixel 6 for devices running the January 2023 patch.
b4dee085caf18f3a2b27ef4e7e723670fff60eb3022abf602e9819d7317518e8Proof of concept exploit for Oracle RMAN on Oracle database versions 19c, 18c, 12.2.0.1, and 12.1.0.2 where recovery actions are not adequately logged.
4059913b910843fd7806fdd44a93afe09ba3bfaf7adb61de29614d5ac1df0dfcFortigate version 7.0.1 post authentication stack overflow zero day proof of concept exploit.
122dadbd84dd704ea57462ca66b6e746cb96632b68962fd5dd9add747b0391c5PaperCut MF/NG proof of concept exploit that uses an authentication bypass vulnerability chained with abuse of built-in scripting functionality to execute code.
e01888c501e68b969faf6f9f0762260b9738e28e6c41609aee12cd8f6079824bSwagger UI version 4.1.3 user interface misrepresentation of information proof of concept exploit.
74f00a654a2a4d31c2b12b82b8be249256b117d11759bd35353dda66a083ddc7ImageMagick versions 6.9.11-60 and 7.1.0-48 arbitrary file read proof of concept exploit.
227461e99f3e214a1f0598dff3f2d58078edc4061f9acd2b5625012543e57375Proof of concept code for a critical Microsoft Outlook vulnerability for Windows that allows hackers to remotely steal hashed passwords by simply receiving an email.
82650f1794c39715f1ff003f78302ace745bb32d6a7b8594b0d5025474d9963bProof of concept details for Oracle database versions 12.1.0.2, 12.2.0.1, 18c, and 19c that had a PDB isolation vulnerability allowing viewing of metadata for a different database within the same container.
7a77b45fcc76d5afb91f7f9e5267626d1904eb000933f05496369762ff8b6fb4NetBSD hfslib_reada_node_offset local overflow proof of concept exploit.
aeffa7486397ae14dcb26b948fa13d566e647001d7c05e6c914781abe7d49588Monitorr version 1.7.6 remote shell upload proof of concept exploit written in Python.
01595757eb8db499b07b46be3566c6b8bae226e88e11b02fea9bef8418392389Proof of concept overview on how the DBMS_REDACT Dynamic Data Masking security feature in Oracle can be bypassed. Affected versions include 19c and 21c.
faa91bafa9b2e6c720d769cabe566e32648af86218a89d1e65f2e8680b811db4Proof of concept remote command execution and file retrieval backdoor script for ModSecurity.
48d8b60d0bc4cdb2a44679ca2e1994ad76834d87845227891745d812a2dd8f7bIBM Websphere Application Server version 7.0 persistent cross site scripting vulnerability proof of concept details.
dc1233536d7555212b10f45b23030e26739234a2f687d52112ff10261d1e40e6Roxy Fileman versions 1.4.6 and below remote shell upload proof of concept exploit.
16a9c59173c82b869a340397a5e68377531e0e0f9be9781793142e4f47786e1bThis is a whitepaper along with a proof of concept eml file discussing CVE-2020-16947 where a remote code execution vulnerability exists in Microsoft Outlook 2019 version 16.0.13231.20262 when it fails to properly handle objects in memory.
e10886839475e813dff9362bc048392f047b424255b849ca304a468b0daa17a3
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed