More articles related to 【interesting-exploit】

In this blog post we'll go over a Linux kernel privilege escalation vulnerability I discovered which enables arbitrary code execution within the kernel. The vulnerability affected all devices based on Qualcomm chipsets (that is, based on the "msm"…
SRC= http://www.tenouk.com/Bufferoverflowc/Bufferoverflow6.html THE VULNERABLE AND THE EXPLOIT Warning: All the security settings for buffer overflow protection (non-executable stack and randomization of a certain portion of memory addresses) o…
http://blog.includesecurity.com/2014/03/exploit-CVE-2014-0038-x32-recvmmsg-kernel-vulnerablity.html On January 31st 2014 a post appeared on oss-seclist [1] describing a bug in the Linux kernel implementation of the x32 recvmmsg syscall that could pot…
NOTE: This specific issue was fixed before the launch of Privacy-Preserving Contact Tracing in iOS 13.5 in May 2020. In this demo I remotely trigger an unauthenticated kernel memory corruption vulnerability which causes all iOS devices in radio-proxi…
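After the Hack team incident, Adobe and Google worked together on a major overhaul of Flash, which for a time raised the bar for exploiting Flash. CVE-2015-7645, as the first exploitation technique to break through these restrictions, can serve as a template following the vetect exploitation technique. This is probably the last technical article of the year, haha. Vulnerability analysis: The POC consists of three .as files: superexternalizable, subexternalizable, and externalizable. The vulnerability is caused by IExternalizable; this class exports two functions, readExternal and writeExter…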
#!/usr/bin/env python # -*- coding: utf-8 -*- # Exploit Title: ZTE and TP-Link RomPager DoS Exploit # Date: 10-05-2014 # Server Version: RomPager/4.07 UPnP/1.0 # Tested Routers: ZTE ZXV10 W300 # TP-Link TD-W8901G # TP-Link TD-W8101G # TP-Link TD-8840…
#!/usr/bin/python # Exploit Title: Kingsoft Office Writer v2012 8.1.0.3385 .wps Buffer Overflow Exploit (SEH) # Version: 2012 8.1.0.3385 # Date: 2013-11-27 # Author: Julien Ahrens (@MrTuxracer) # Homepage: http://www.rcesecurity.com # Software Link:…
This paper presented a very interesting topic. Censorship in China has always drawn people's attention since, from the perspective of universal values, censorship represses the free will of people to express themselves. This paper, focusing on the censorship…
Preface: Microsoft Windows holds the largest market share in both enterprise and personal use, so during penetration tests you will often encounter many Windows workstations and servers. On the other hand, most penetration testers mainly use Linux-based penetration testing distributions such as Kali Linux, Pentoo and Backbox. You may therefore need the ability to quickly compile Windows exploits on a Linux machine. A piece of software called "Mingw-w64" solves this problem. Mingw-w64 is an open-source development environment for creating Windows applications. Mingw-w6…
Problem description: Recently, Miss Huang wants to receive a Tree as her birthday gift! (What an interesting person!) As an interesting person, Miss Huang likes interesting trees. The interesting tree is a tree with the Max interesting degree. The interesting degree eq…