Linux local root exploit that requires that PERF_EVENTS be compiled into the kernel. This has been fixed in 3.8.10. This bug apparently got backported from 2.6.37 into CentOS5 2.6.32 kernels.
2f5dc509c381d9e991e5bf9ec1e43911abf68baf1a9e3035473ddfd75ba8c11aLocal root exploit for Archlinux that allows an unprivileged user to take over control in kernel mode due to an out-of-bounds access of the sock_diag_handlers[] array. Works reliably against x86-64 3.3-3.7.
25f2aab0c8030a52582b1a4727080cb36afc4818b3e2b57e373fe61a918c940dLinux kernel 2.6.11 and below CPL 0 local exploit. Third version/variant of this exploit.
1ca572d08790256ea24ef02a696eaf5397c0fc2f20cbdaf34cbe38b22906afe9SucKIT Rootkit v2.0-devel-rc2. Easy-to-use, Linux-i386 kernel-based rootkit. The code stays in memory through /dev/kmem trick, without help of LKM support nor System.map or such things. Everything is done on the fly. It can hide PIDs, files, tcp/udp/raw sockets and sniff TTYs.
7fca632fdea9a39f68498af15c5cf2af2989c26aaccbd99bb62ead37a0eecc69Local sys_uselib root exploit for the Linux 2.4 and 2.6 kernel series.
e95832127ef41cadddcf73aab42cbb0168d07344395d3aa6b43c4b4a5ffb0fdcSendmail 8.11.5 and below local root exploit. Tested against Red Hat 7.0 and 7.1, SuSE 7.2, and Slackware 8.0.
91760643cbea23f0d407bfbe6adb92fff440f2e21775e64c29e8d836351f91b9The SucKIT is easy-to-use, Linux-i386 kernel-based rootkit. The code stays in memory through /dev/kmem trick, without help of LKM support nor System.map or such things. Everything is done on the fly. It can hide PIDs, files, tcp/udp/raw sockets, sniff TTYs. Next, it have integrated TTY shell access (xor+sha1) which can be invoked through any running service on a server. No compiling on target box needed, one binary can work on any of 2.2.x & 2.4.x kernels precompiled (libc-free).
0782e8116250f17749de320363e484ece37a2856ab5f59c96075f788b0c901a8
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed