分类 Linux/Unix 下的文章
Linux Kernel 4.4.0 (Ubuntu 14.04/16.04 x86-64) - 'AF_PACKET' 条件竞争漏洞
/* chocobo_root.c linux AF_PACKET race condition exploit exploit for Ubuntu 16.04 x86_64 vroom vroom *=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*= user@ubuntu:~$ uname -a Li...
PostScript语言安全研究(一)ImageMagick新漏洞分析
Author:数据流(Flyin9_L)前言:主流的东西太多了,还是研究一些非主流的语言好玩。PostScript(PS)是一种页面描述性语言,由Adobe开发,后由Apple推进发展。开始是应用于工业印刷绘图排版,现在广泛适用于打印机。虽然PostScript是比较冷门的语言,但与我们比较熟悉的PDF的部分元素也是由PostScript语言编写。利用PS的特性与弱点可对解析器与打印机进行攻...
inux Kernel 4.4.0-21 (Ubuntu 16.04 x64) - Netfilter target_offset OOB Privilege Escalation
/* EDB Note: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/40053.zip */ --------------------------------------------------- decr.c --------------------...
Tomcat 服务本地提权漏洞预警
<section class="" data-custom="#3CA4F8" data-color="#3CA4F8" data-tools="135编辑器" data-id="52"><section><section class=""&g...
Apache 2.4.7 & PHP <= 7.0.2 - openssl_seal() Uninitialized Memory Code Execution
<?php // Source: http://akat1.pl/?id=1 function get_maps() { $fh = fopen("/proc/self/maps", "r"); $maps = fread($fh, 331337); fclose($fh); return explod...
Ubuntu 16.04 local root exploit - netfilter target_offset OOB
--------------------------------------------------- decr.c --------------------------------------------------- /** * Ubuntu 16.04 local root exploit - netfilter target_offset OOB * check_compa...