<?xml version="1.0" encoding="utf-8" standalone="yes"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">
  <channel>
    <title>exploit on solc0nf</title>
    <link>https://solc0nf.github.io/tags/exploit/index.html</link>
    <description>Recent content in exploit on solc0nf</description>
    <generator>Hugo -- gohugo.io</generator>
    <language>en-us</language>
    <lastBuildDate>Thu, 09 Mar 2023 15:38:15 +0400</lastBuildDate><atom:link href="https://solc0nf.github.io/tags/exploit/index.xml" rel="self" type="application/rss+xml" />
    <item>
      <title>Dirty Pipe</title>
      <link>https://solc0nf.github.io/exploit-articles/dirty-pipe/index.html</link>
      <pubDate>Thu, 09 Mar 2023 15:38:15 +0400</pubDate>
      <guid>https://solc0nf.github.io/exploit-articles/dirty-pipe/index.html</guid>
      <description>Vulnerability: Dirty Pipe. Affected OS: Linux (kernel versions 5.8 and newer). CVE: CVE-2022-0847. CVSS Score: 7.8 (high). Disclosure Date: March 7 2022. This exploit was disclosed by Max Kellermann.
DirtyPipe is a local privilege escalation vulnerability, which allows a user to bypass file permission restrictions and write arbitrary data to any file, provided certain conditions are met, the primary one being that the user has to have read permissions to the file.</description>
    </item>
    <item>
      <title>ShellShock</title>
      <link>https://solc0nf.github.io/exploit-articles/shellshock/index.html</link>
      <pubDate>Wed, 08 Mar 2023 07:17:41 +0400</pubDate>
      <guid>https://solc0nf.github.io/exploit-articles/shellshock/index.html</guid>
      <description>ShellShock is a vulnerability in the Bash shell (GNU Bash up to version 4.3) that allows Bash to execute unintended commands from environment variables. Attackers can issue commands remotely on the target host with elevated privileges, resulting in complete takeover of the system.
Let us have a look at what environment variables are.
Environment variables are variables specific to a certain environment; for example, a root user would have different environment variables than a normal user on a Linux system.</description>
    </item>
    <item>
      <title>Samba Trans2Open Exploit</title>
      <link>https://solc0nf.github.io/exploit-articles/samba-trans2open-exploit/index.html</link>
      <pubDate>Tue, 07 Mar 2023 19:31:16 +0400</pubDate>
      <guid>https://solc0nf.github.io/exploit-articles/samba-trans2open-exploit/index.html</guid>
      <description>A little about Samba.
Samba is the standard Windows interoperability suite of programs for Linux and Unix. The Samba package provides secure, stable and fast file and print services for all clients such as OS/2, Linux, FreeBSD, using the SMB/CIFS protocol.
Samba is an important component to seamlessly integrate Linux servers and desktops into a Windows Active Directory environment. It can function either as a domain controller or as a regular domain member.</description>
    </item>
    <item>
      <title>The Dirtycow Exploit</title>
      <link>https://solc0nf.github.io/exploit-articles/the-dirtycow-exploit/index.html</link>
      <pubDate>Mon, 06 Mar 2023 08:19:38 +0400</pubDate>
      <guid>https://solc0nf.github.io/exploit-articles/the-dirtycow-exploit/index.html</guid>
      <description>DirtyCOW (CVE-2016-5195): DirtyCOW is a vulnerability in the Linux kernel which allowed processes write access to read-only memory mappings. This vulnerability was discovered by Phil Oester.
The vulnerability is called DirtyCOW because the issue is caused by a race condition in the way the kernel handles copy-on-write (COW). COW is an optimization strategy used by operating systems. When multiple processes ask for resources, the system can give them pointers to the same resource.</description>
    </item>
    <item>
      <title>Eternal Blue</title>
      <link>https://solc0nf.github.io/exploit-articles/eternal-blue/index.html</link>
      <pubDate>Sat, 04 Mar 2023 17:23:17 +0400</pubDate>
      <guid>https://solc0nf.github.io/exploit-articles/eternal-blue/index.html</guid>
      <description>EternalBlue is the name given to a series of Microsoft software vulnerabilities, as well as an exploit developed by the United States' NSA as a cyber attack tool. Although the EternalBlue exploit affects only Windows operating systems, anything that uses the SMBv1 file sharing protocol is vulnerable to attack, such as Siemens ultrasound medical equipment.
EternalBlue was developed by the NSA as a part of their controversial program of stockpiling and weaponizing cybersecurity vulnerabilities, rather than flagging those to the appropriate vendor for remediation.</description>
    </item>
  </channel>
</rss>