29 Mar, 2024

#Linux #kernel #vulnerability #exploit #linux-kernel

CVE-2024-1086 - Dirty Net table

CVE-2024-1086 is a critical vulnerability in the Linux kernel that allows attackers to gain full root privileges on various systems. This exploit targets a bug in the nf_tables component responsible for iptables firewall. The exploit can be built or downloaded, and once executed, it triggers a double-free vulnerability, allowing the attacker to escalate privileges and gain unrestricted access to the physical memory. By locating and overwriting critical kernel structures, attackers can achieve a root shell. It is recommended to patch the Linux kernel or update to version 6.7 to mitigate this vulnerability.

Preston Zen

prestonzen.com

CVE-2024-1086 - Dirty Net table

CVE-2021-3493 - Exploit Summary & Demo

CVE-2021-3493 - Exploit Summary & Demo

CVE-2021-3493 is an exploit code that targets vulnerable default configs for Ubuntu Linux kernels up to version 5.10, allowing unauthorized access to the filesystem through improper permission validation.

Offsec - BTRSys2.1 - Nov 4th 2023

Offsec - BTRSys2.1 - Nov 4th 2023

The text provides information about scanning an IP address and discovering open ports including FTP, SSH, and HTTP. It also identifies a WordPress site and conducts a password attack to gain access. A reverse PHP shell is used to modify a page. A local privilege escalation vulnerability is exploited and a kernel exploit is compiled and sent to the target, but it cannot be executed due to library mismatch. Linpeas is transferred and run, revealing the WordPress database credentials. The root password is cracked and the proof.txt file is accessed.

Offsec - Codo - Oct 31st 2023

Offsec - Codo - Oct 31st 2023

The given target is 192.168.186.23. Recon reveals open ports and services including SSH and HTTP. Dirbuster identifies directories. The main site has an admin login page. Using a hydra command, admin:admin login credentials are found. A search for exploits leads to an arbitrary file upload to RCE vulnerability. A shell is obtained. Privilege escalation is performed by upgrading the shell, running linpeas, and finding the root password. Access is gained as root. Proof.txt contains the proof.

Offsec - SUNSET NOONTIDE - Feb 29th 2023

Offsec - SUNSET NOONTIDE - Feb 29th 2023

Target IP: 192.168.54.120. Reconnaissance using nmap reveals open ports for IRC services. Exploiting a vulnerability in UnrealIRCd allows for command execution. Connection successfully established. Obtained user flag. Performed privilege escalation using linpeas script. Retrieved root flag.

TryHackMe - Kenobi - Oct 29th 2023

TryHackMe - Kenobi - Oct 29th 2023

The target IP is 10.10.76.140. Port scanning reveals several open ports including FTP, SSH, HTTP, RPCbind, NetBIOS, and NFS. Further vulnerability scanning uncovers potential exploits for ProFTPD 1.3.5 and OpenSSH 7.2p2 Ubuntu 4ubuntu2.7. Exploits include CVE-2015-3306 and CVE-2016-8858.

Offsec - ICMP - Nov 4th 2023

Offsec - ICMP - Nov 4th 2023

Target IP is 192.168.172.218. Found open ports 22 and 80. Discovered Monitorr software v1.7.6m. Exploits available for authorization bypass and remote code execution. Obtained encrypted password and decrypted it to gain access. Privilege escalation via hping3. Dumped private key. Successfully accessed root. Summary includes IP address, open ports, software version, exploits, password decryption, privilege escalation, and private key dumping.

DEL