Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- fourchan@jeff:~$ curl -o - https://raw.githubusercontent.com/mzet-/linux-exploit-suggester/master/linux-exploit-suggester.sh | bash
- % Total % Received % Xferd Average Speed Time Time Time Current
- Dload Upload Total Spent Left Speed
- 100 43052 100 43052 0 0 73803 0 --:--:-- --:--:-- --:--:-- 73719
- Kernel version: 4.4.0
- Architecture: x86_64
- Distribution: ubuntu
- Package list: from current OS
- Possible Exploits:
- [+] [CVE-2015-3290] espfix64_NMI
- Details: http://www.openwall.com/lists/oss-security/2015/08/04/8
- Download URL: https://www.exploit-db.com/download/37722
- [+] [CVE-2016-0728] keyring
- Details: http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/
- Download URL: https://www.exploit-db.com/download/40003
- Comments: Exploit takes about ~30 minutes to run
- [+] [CVE-2016-2384] usb-midi
- Details: https://xairy.github.io/blog/2016/cve-2016-2384
- Tags: ubuntu=14.04,fedora=22
- Download URL: https://raw.githubusercontent.com/xairy/kernel-exploits/master/CVE-2016-2384/poc.c
- Comments: Requires ability to plug in a malicious USB device and to execute a malicious binary as a non-privileged user
- [+] [N/A] target_offset
- Details: https://www.exploit-db.com/exploits/40049/
- Tags: ubuntu=16.04(kernel:4.4.0-21)
- Download URL: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/40053.zip
- Comments: ip_tables.ko needs to be loaded
- [+] [CVE-2016-4557] double-fdput()
- Details: https://bugs.chromium.org/p/project-zero/issues/detail?id=808
- Tags: ubuntu=16.04(kernel:4.4.0-62)
- Download URL: https://bugs.chromium.org/p/project-zero/issues/attachment?aid=232552
- Comments: CONFIG_BPF_SYSCALL needs to be set && kernel.unprivileged_bpf_disabled != 1
- [+] [CVE-2016-5195] dirtycow
- Details: https://github.com/dirtycow/dirtycow.github.io/wiki/VulnerabilityDetails
- Tags: RHEL=5|6|7,debian=7|8,ubuntu=16.10|16.04|14.04|12.04
- Download URL: https://www.exploit-db.com/download/40611
- [+] [CVE-2016-5195] dirtycow 2
- Details: https://github.com/dirtycow/dirtycow.github.io/wiki/VulnerabilityDetails
- Tags: RHEL=5|6|7,debian=7|8,ubuntu=16.10|16.04|14.04|12.04
- Download URL: https://www.exploit-db.com/download/40616
- [+] [CVE-2016-8655] chocobo_root
- Details: http://www.openwall.com/lists/oss-security/2016/12/06/1
- Tags: ubuntu=16.04|14.04
- Download URL: https://www.exploit-db.com/download/40871
- [+] [CVE-2016-9793] SO_{SND|RCV}BUFFORCE
- Details: https://github.com/xairy/kernel-exploits/tree/master/CVE-2016-9793
- Download URL: https://raw.githubusercontent.com/xairy/kernel-exploits/master/CVE-2016-9793/poc.c
- Comments: CAP_NET_ADMIN caps OR CONFIG_USER_NS=y needed. No SMEP/SMAP/KASLR bypass included
- [+] [CVE-2017-6074] dccp
- Details: http://www.openwall.com/lists/oss-security/2017/02/22/3
- Tags: ubuntu=16.04
- Download URL: https://www.exploit-db.com/download/41458
- Comments: Requires Kernel be built with CONFIG_IP_DCCP enabled. Includes partial SMEP/SMAP bypass
- [+] [CVE-2017-7308] af_packet
- Details: https://googleprojectzero.blogspot.com/2017/05/exploiting-linux-kernel-via-packet.html
- Tags: ubuntu=16.04(kernel:4.8.0-41)
- Download URL: https://raw.githubusercontent.com/xairy/kernel-exploits/master/CVE-2017-7308/poc.c
- Comments: CAP_NET_RAW capability is needed OR CONFIG_USER_NS=y needs to be enabled
- [+] [CVE-2017-1000112] NETIF_F_UFO
- Details: http://www.openwall.com/lists/oss-security/2017/08/13/1
- Tags: ubuntu=14.04(kernel:4.4.0-*)|16.04(kernel:4.8.0-*)
- Download URL: https://raw.githubusercontent.com/xairy/kernel-exploits/master/CVE-2017-1000112/poc.c
- Comments: CAP_NET_ADMIN cap or CONFIG_USER_NS=y needed. SMEP/KASLR bypass included
- [+] [CVE-2017-1000253] PIE_stack_corruption
- Details: https://www.qualys.com/2017/09/26/linux-pie-cve-2017-1000253/cve-2017-1000253.txt
- Tags: RHEL=7(kernel:3.10)
- Download URL: https://www.qualys.com/2017/09/26/linux-pie-cve-2017-1000253/cve-2017-1000253.c
- [+] [CVE-2009-1185] udev
- Details: https://www.exploit-db.com/exploits/8572/
- Tags: ubuntu=8.10|9.04
- Download URL: https://www.exploit-db.com/download/8572
- Comments: Version<1.4.1 vulnerable but distros use own versioning scheme. Manual verification needed
- [+] [CVE-2009-1185] udev 2
- Details: https://www.exploit-db.com/exploits/8478/
- Download URL: https://www.exploit-db.com/download/8478
- Comments: SSH access to non privileged user is needed. Version<1.4.1 vulnerable but distros use own versioning scheme. Manual verification needed
- [+] [CVE-2017-1000367] Sudoer-to-root
- Details: https://www.sudo.ws/alerts/linux_tty.html
- Tags: RHEL=7(sudo:1.8.6p7)
- Download URL: https://www.qualys.com/2017/05/30/cve-2017-1000367/linux_sudo_cve-2017-1000367.c
- Comments: Needs to be sudoer. Works only on SELinux enabled systems
- [+] [CVE-2017-1000367] sudopwn
- Details: https://www.sudo.ws/alerts/linux_tty.html
- Download URL: https://raw.githubusercontent.com/c0d3z3r0/sudo-CVE-2017-1000367/master/sudopwn.c
- Comments: Needs to be sudoer. Works only on SELinux enabled systems
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement