Computer Kodes
Some (public) exploit codes I wrote over the years.
- Linux local privilege escalation exploit for CVE-2021-43267. Heap overflow in the TIPC subsystem.
- Linux local privilege escalation exploit for CVE-2020-27194. Bypasses the eBPF bytecode verifier in order to gain arbitrary read/write primitive in kernel land.
- LAN RCE for ZTE DSL modems. These things are a-plenty in my country and ISPs/vendors don’t care enough to actually patch up these holes.
- I entered SSD’s hack2win competition with this RCE exploit. Bypasses authentication and (ab)uses a very limited command injection vulnerability to stitch together a connectback ELF.
- Exim is the gift that keeps on giving; check out this ridiculously simple and reliable method for getting uid0 with CVE-2016-1531.
- WPA2 passphrase recovery tool for Broadcom-based UPC cable modems. A fun journey in eCos reverse engineering.
- A remote Linux (MIPS) kernel exploit for NETGEAR WiFi routers.
- Someone once leaked me some info on a juicy Samba vuln (CVE-2012-1182); I wrote a shitty exploit. Has since been ported to a Metasploit module by some people.
- An exploit for a buffer overflow in Nagios3’s history.cgi.
- WAN exploit for a buffer overflow vulnerability in ZyXEL DSL modems.
- Breaking out of the PHP sandbox (bypassing disable_functions etc.) using (one of many) vulnerabilities disclosed to php.net a long time ago, which remained unfixed for a long while.