├── 2010-csaw-kernel-exploit
    ├── Makefile
    ├── csaw.c
    ├── dump.c
    └── exp.c
├── 2013-csaw-kernel-exploit
    ├── Makefile
    ├── main.c
    └── solution.c
├── 2014-csaw-kernel-exploit
    ├── Makefile
    ├── main.c
    └── solution.c
├── 2015-csaw-kernel-exploit
    ├── Makefile
    ├── main.c
    ├── solution.c
    └── solution.c~
├── 2017-0ctf-knote
    ├── README.md
    ├── bzImage
    ├── exp.py
    ├── exploit.c
    ├── knote_faba37a1e4adc15d79dbd1cdf708c22a.tar.gz
    ├── note.ko
    ├── pack.sh
    ├── rootfs.cpio
    └── run.sh
├── 2017-ncstisc-babydriver
    ├── README.md
    ├── babydriver.ko
    ├── babydriver_0D09567FACCD2E891578AA83ED3BABA7.tar
    ├── boot.sh
    ├── bzImage
    ├── exp.c
    ├── exp.py
    └── rootfs.cpio
├── 2018-qwb-core
    ├── README.md
    ├── bzImage
    ├── core.cpio
    ├── core.i64
    ├── core.ko
    ├── exp.c
    ├── start.sh
    └── vmlinux
├── CVE-2008-0600
    ├── CVE-2008-0600.c
    ├── README.md
    └── page_32.h
├── CVE-2009-2692
    ├── README.md
    ├── exp-1
    │   ├── exploit.c
    │   ├── run.c
    │   └── run.sh
    └── exp-2
    │   ├── exploit.c
    │   ├── pwnkernel.c
    │   └── wunderbar_emporium.sh
├── CVE-2010-3301
    └── pwn.c
├── CVE-2010-3904
    ├── README.md
    ├── detailed.txt
    └── exploit.c
├── CVE-2010-4258
    └── exploit.c
├── NON_ANALYSIS_CVE
    ├── CVE-2017-1000112
    │   └── poc.c
    └── CVE-2017-7308
    │   ├── README.md
    │   └── poc.c
├── README.md
├── kernel_rop
    ├── Makefile
    ├── README.md
    ├── drv.c
    ├── drv.h
    ├── find_offset.py
    ├── rop_exploit.c
    └── trigger.c
├── null_exp
    ├── Makefile
    ├── null.c
    ├── null_exp.c
    └── sc.s
├── stack_smashing
    ├── Makefile
    ├── exp.c
    └── stack.c
└── stackjacking
    ├── Makefile
    ├── leak.c
    ├── main.c
    └── stackjacking.c

/2010-csaw-kernel-exploit/Makefile:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/2010-csaw-kernel-exploit/Makefile
--------------------------------------------------------------------------------
/2010-csaw-kernel-exploit/csaw.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/2010-csaw-kernel-exploit/csaw.c
--------------------------------------------------------------------------------
/2010-csaw-kernel-exploit/dump.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/2010-csaw-kernel-exploit/dump.c
--------------------------------------------------------------------------------
/2010-csaw-kernel-exploit/exp.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/2010-csaw-kernel-exploit/exp.c
--------------------------------------------------------------------------------
/2013-csaw-kernel-exploit/Makefile:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/2013-csaw-kernel-exploit/Makefile
--------------------------------------------------------------------------------
/2013-csaw-kernel-exploit/main.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/2013-csaw-kernel-exploit/main.c
--------------------------------------------------------------------------------
/2013-csaw-kernel-exploit/solution.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/2013-csaw-kernel-exploit/solution.c
--------------------------------------------------------------------------------
/2014-csaw-kernel-exploit/Makefile:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/2014-csaw-kernel-exploit/Makefile
--------------------------------------------------------------------------------
/2014-csaw-kernel-exploit/main.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/2014-csaw-kernel-exploit/main.c
--------------------------------------------------------------------------------
/2014-csaw-kernel-exploit/solution.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/2014-csaw-kernel-exploit/solution.c
--------------------------------------------------------------------------------
/2015-csaw-kernel-exploit/Makefile:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/2015-csaw-kernel-exploit/Makefile
--------------------------------------------------------------------------------
/2015-csaw-kernel-exploit/main.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/2015-csaw-kernel-exploit/main.c
--------------------------------------------------------------------------------
/2015-csaw-kernel-exploit/solution.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/2015-csaw-kernel-exploit/solution.c
--------------------------------------------------------------------------------
/2015-csaw-kernel-exploit/solution.c~:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/2015-csaw-kernel-exploit/solution.c~
--------------------------------------------------------------------------------
/2017-0ctf-knote/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/2017-0ctf-knote/README.md
--------------------------------------------------------------------------------
/2017-0ctf-knote/bzImage:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/2017-0ctf-knote/bzImage
--------------------------------------------------------------------------------
/2017-0ctf-knote/exp.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/2017-0ctf-knote/exp.py
--------------------------------------------------------------------------------
/2017-0ctf-knote/exploit.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/2017-0ctf-knote/exploit.c
--------------------------------------------------------------------------------
/2017-0ctf-knote/knote_faba37a1e4adc15d79dbd1cdf708c22a.tar.gz:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/2017-0ctf-knote/knote_faba37a1e4adc15d79dbd1cdf708c22a.tar.gz
--------------------------------------------------------------------------------
/2017-0ctf-knote/note.ko:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/2017-0ctf-knote/note.ko
--------------------------------------------------------------------------------
/2017-0ctf-knote/pack.sh:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/2017-0ctf-knote/pack.sh
--------------------------------------------------------------------------------
/2017-0ctf-knote/rootfs.cpio:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/2017-0ctf-knote/rootfs.cpio
--------------------------------------------------------------------------------
/2017-0ctf-knote/run.sh:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/2017-0ctf-knote/run.sh
--------------------------------------------------------------------------------
/2017-ncstisc-babydriver/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/2017-ncstisc-babydriver/README.md
--------------------------------------------------------------------------------
/2017-ncstisc-babydriver/babydriver.ko:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/2017-ncstisc-babydriver/babydriver.ko
--------------------------------------------------------------------------------
/2017-ncstisc-babydriver/babydriver_0D09567FACCD2E891578AA83ED3BABA7.tar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/2017-ncstisc-babydriver/babydriver_0D09567FACCD2E891578AA83ED3BABA7.tar
--------------------------------------------------------------------------------
/2017-ncstisc-babydriver/boot.sh:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/2017-ncstisc-babydriver/boot.sh
--------------------------------------------------------------------------------
/2017-ncstisc-babydriver/bzImage:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/2017-ncstisc-babydriver/bzImage
--------------------------------------------------------------------------------
/2017-ncstisc-babydriver/exp.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/2017-ncstisc-babydriver/exp.c
--------------------------------------------------------------------------------
/2017-ncstisc-babydriver/exp.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/2017-ncstisc-babydriver/exp.py
--------------------------------------------------------------------------------
/2017-ncstisc-babydriver/rootfs.cpio:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/2017-ncstisc-babydriver/rootfs.cpio
--------------------------------------------------------------------------------
/2018-qwb-core/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/2018-qwb-core/README.md
--------------------------------------------------------------------------------
/2018-qwb-core/bzImage:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/2018-qwb-core/bzImage
--------------------------------------------------------------------------------
/2018-qwb-core/core.cpio:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/2018-qwb-core/core.cpio
--------------------------------------------------------------------------------
/2018-qwb-core/core.i64:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/2018-qwb-core/core.i64
--------------------------------------------------------------------------------
/2018-qwb-core/core.ko:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/2018-qwb-core/core.ko
--------------------------------------------------------------------------------
/2018-qwb-core/exp.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/2018-qwb-core/exp.c
--------------------------------------------------------------------------------
/2018-qwb-core/start.sh:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/2018-qwb-core/start.sh
--------------------------------------------------------------------------------
/2018-qwb-core/vmlinux:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/2018-qwb-core/vmlinux
--------------------------------------------------------------------------------
/CVE-2008-0600/CVE-2008-0600.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/CVE-2008-0600/CVE-2008-0600.c
--------------------------------------------------------------------------------
/CVE-2008-0600/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/CVE-2008-0600/README.md
--------------------------------------------------------------------------------
/CVE-2008-0600/page_32.h:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/CVE-2008-0600/page_32.h
--------------------------------------------------------------------------------
/CVE-2009-2692/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/CVE-2009-2692/README.md
--------------------------------------------------------------------------------
/CVE-2009-2692/exp-1/exploit.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/CVE-2009-2692/exp-1/exploit.c
--------------------------------------------------------------------------------
/CVE-2009-2692/exp-1/run.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/CVE-2009-2692/exp-1/run.c
--------------------------------------------------------------------------------
/CVE-2009-2692/exp-1/run.sh:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/CVE-2009-2692/exp-1/run.sh
--------------------------------------------------------------------------------
/CVE-2009-2692/exp-2/exploit.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/CVE-2009-2692/exp-2/exploit.c
--------------------------------------------------------------------------------
/CVE-2009-2692/exp-2/pwnkernel.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/CVE-2009-2692/exp-2/pwnkernel.c
--------------------------------------------------------------------------------
/CVE-2009-2692/exp-2/wunderbar_emporium.sh:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/CVE-2009-2692/exp-2/wunderbar_emporium.sh
--------------------------------------------------------------------------------
/CVE-2010-3301/pwn.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/CVE-2010-3301/pwn.c
--------------------------------------------------------------------------------
/CVE-2010-3904/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/CVE-2010-3904/README.md
--------------------------------------------------------------------------------
/CVE-2010-3904/detailed.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/CVE-2010-3904/detailed.txt
--------------------------------------------------------------------------------
/CVE-2010-3904/exploit.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/CVE-2010-3904/exploit.c
--------------------------------------------------------------------------------
/CVE-2010-4258/exploit.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/CVE-2010-4258/exploit.c
--------------------------------------------------------------------------------
/NON_ANALYSIS_CVE/CVE-2017-1000112/poc.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/NON_ANALYSIS_CVE/CVE-2017-1000112/poc.c
--------------------------------------------------------------------------------
/NON_ANALYSIS_CVE/CVE-2017-7308/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/NON_ANALYSIS_CVE/CVE-2017-7308/README.md
--------------------------------------------------------------------------------
/NON_ANALYSIS_CVE/CVE-2017-7308/poc.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/NON_ANALYSIS_CVE/CVE-2017-7308/poc.c
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
# kernel_exploit
--------------------------------------------------------------------------------
/kernel_rop/Makefile:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/kernel_rop/Makefile
--------------------------------------------------------------------------------
/kernel_rop/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/kernel_rop/README.md
--------------------------------------------------------------------------------
/kernel_rop/drv.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/kernel_rop/drv.c
--------------------------------------------------------------------------------
/kernel_rop/drv.h:
--------------------------------------------------------------------------------
struct drv_req {
    unsigned long offset;
};
--------------------------------------------------------------------------------
/kernel_rop/find_offset.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/kernel_rop/find_offset.py
--------------------------------------------------------------------------------
/kernel_rop/rop_exploit.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/kernel_rop/rop_exploit.c
--------------------------------------------------------------------------------
/kernel_rop/trigger.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/kernel_rop/trigger.c
--------------------------------------------------------------------------------
/null_exp/Makefile:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/null_exp/Makefile
--------------------------------------------------------------------------------
/null_exp/null.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/null_exp/null.c
--------------------------------------------------------------------------------
/null_exp/null_exp.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/null_exp/null_exp.c
--------------------------------------------------------------------------------
/null_exp/sc.s:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/null_exp/sc.s
--------------------------------------------------------------------------------
/stack_smashing/Makefile:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/stack_smashing/Makefile
--------------------------------------------------------------------------------
/stack_smashing/exp.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/stack_smashing/exp.c
--------------------------------------------------------------------------------
/stack_smashing/stack.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/stack_smashing/stack.c
--------------------------------------------------------------------------------
/stackjacking/Makefile:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/stackjacking/Makefile
--------------------------------------------------------------------------------
/stackjacking/leak.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/stackjacking/leak.c
--------------------------------------------------------------------------------
/stackjacking/main.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/stackjacking/main.c
--------------------------------------------------------------------------------
/stackjacking/stackjacking.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/w0lfzhang/kernel_exploit/HEAD/stackjacking/stackjacking.c
--------------------------------------------------------------------------------