Security researchers discovered 3 vulnerabilities in the Linux kernel that could allow a local attacker to elevate privileges and potentially execute malicious code. The proof-of-concept code is publicly available increasing the likelihood of exploitation in the wild.
https://github.com/greek0x0/2022-LPE-UAF
https://zplin.me/papers/DirtyCred-Zhenpeng.pdf
#LPE
https://github.com/greek0x0/2022-LPE-UAF
https://zplin.me/papers/DirtyCred-Zhenpeng.pdf
#LPE
GitHub
GitHub - greek0x0/2022-LPE-UAF: PoC of various bugs in the Linux kernel
PoC of various bugs in the Linux kernel. Contribute to greek0x0/2022-LPE-UAF development by creating an account on GitHub.
The sources of the Linux kernel exploitation technique called DirtyCred are now on GitHub. The attack, which was presented at Black Hat 2022 security conference, is a kernel exploitation concept that swaps unprivileged kernel credentials with privileged ones to escalate privileges without overwriting any critical data on the kernel heap.
https://github.com/Markakd/DirtyCred
#LPE
https://github.com/Markakd/DirtyCred
#LPE
GitHub
GitHub - Markakd/DirtyCred: Kernel exploitation technique
Kernel exploitation technique. Contribute to Markakd/DirtyCred development by creating an account on GitHub.
Named Pipe File System Elevation of Privilege Vulnerability CVE-2022-22715
https://github.com/k0keoyo/my_vulnerabilities/tree/master/CVE-2022-22715
Write up:
https://whereisk0shl.top/post/break-me-out-of-sandbox-in-old-pipe-cve-2022-22715-windows-dirty-pipe
#LPE #Windows
https://github.com/k0keoyo/my_vulnerabilities/tree/master/CVE-2022-22715
Write up:
https://whereisk0shl.top/post/break-me-out-of-sandbox-in-old-pipe-cve-2022-22715-windows-dirty-pipe
#LPE #Windows
GitHub
my_vulnerabilities/CVE-2022-22715 at master · k0keoyo/my_vulnerabilities
Contribute to k0keoyo/my_vulnerabilities development by creating an account on GitHub.
CVE-2022-32250-Linux-Kernel-LPE
demo : https://www.youtube.com/watch?v=YqmwA6fPjKE
https://github.com/theori-io/CVE-2022-32250-exploit
demo : https://www.youtube.com/watch?v=YqmwA6fPjKE
https://github.com/theori-io/CVE-2022-32250-exploit
Teamsniper is a tool for fetching keywords in a Microsoft Teams such as (passwords, emails, database, etc.).
https://github.com/xRET2pwn/Teamsniper
#Teamsniper #redteaming
https://github.com/xRET2pwn/Teamsniper
#Teamsniper #redteaming
GitHub
GitHub - xRET2pwn/Teamsniper: Teamsniper is a tool for fetching keywords in a Microsoft Teams such as (passwords, emails, database…
Teamsniper is a tool for fetching keywords in a Microsoft Teams such as (passwords, emails, database, etc.). - GitHub - xRET2pwn/Teamsniper: Teamsniper is a tool for fetching keywords in a Microso...