Recent Posts - DUASYNT Information Security (feed: https://duasynt.com/feed.atom, updated 2020-09-04T00:00:00+10:05)

Training session - Linux kernel exploitation techniques on x86_64
  https://duasynt.com/training_register
  trainings@duasynt.com, 2022-04-03T09:00:00+10:05
  6 - 9 June 2022 (7am - 3pm UTC) / ONLINE delivery

Linux kernel heap feng shui in 2022
  https://duasynt.com/blog/linux-kernel-heap-feng-shui-2022
  Michael S, Vitaly Nikolenko, 2022-05-10T14:50:00+10:05

Locating the kernel PGD on Android/arm64
  https://duasynt.com/blog/android-pgd-page-tables
  Vitaly Nikolenko, 2020-12-21T18:40:00+10:05
  Locating the kernel PGD / swapper_pg_dir on Android/arm64 as a post-exploitation technique

UAO (User Access Override) as a mitigation against addr_limit overwrites
  https://duasynt.com/blog/android-uao-kernel-expl-mitigation
  Vitaly Nikolenko, 2020-09-04T18:10:00+10:05
  UAO (User Access Override) implementation details in the Linux/Android kernel as a mitigation against the addr_limit overwrite kernel exploitation technique

SELinux RKP misconfiguration on S20 devices
  https://duasynt.com/blog/samsung-s20-rkp-selinux-disable
  Vitaly Nikolenko, 2020-08-13T20:50:00+10:05
  Samsung S20 RKP misconfiguration allowing trivial SELinux bypass

Google Pixel UART serial cable
  https://duasynt.com/blog/google-pixel-uart-serial-cable
  Vitaly Nikolenko, 2017-01-10T19:10:00+10:05

Exploiting MS14-068 - just another pentest
  https://duasynt.com/blog/ms14-068-exploitation-pentest
  Vitaly Nikolenko, 2014-12-10T20:46:00+10:05
  MS14-068 exploitation to gain domain Administrator privileges

Linux Kernel universal heap spray
  https://duasynt.com/blog/linux-kernel-heap-spray
  Vitaly Nikolenko, 2018-10-23T21:38:00+10:05
  Universal Linux kernel heap spray

CVE-2016-6187: Exploiting Linux kernel heap off-by-one
  https://duasynt.com/blog/cve-2016-6187-heap-off-by-one-exploit
  Vitaly Nikolenko, 2016-10-16T20:38:00+10:05
  CVE-2016-6187 heap off-by-one exploit

VMware + Linux 3.x PoC
  https://duasynt.com/blog/vmware-linux-poc
  Vitaly Nikolenko, 2016-06-13T12:10:00+10:05
  VMware + Linux 3.x 0day

Latest and greatest PoC CVE-2016-0728 not working?
  https://duasynt.com/blog/cve-2016-0728-poc-not-working
  Vitaly Nikolenko, 2016-01-22T11:38:00+10:05
  Public CVE-2016-0728 exploit not working?

Linux Kernel ROP (Part 1) - Ropping your way to #
  https://duasynt.com/blog/linux-kernel-rop-part1
  Vitaly Nikolenko, 2016-01-17T17:39:00+10:05
  In part 1 of this tutorial we demonstrate how a Linux kernel ROP chain can be constructed to elevate user privileges

CVE-2014-4699: Linux Kernel ptrace/sysret vulnerability analysis
  https://duasynt.com/blog/cve-2014-4699-linux-kernel-ptrace-sysret-analysis
  Vitaly Nikolenko, 2014-07-21T18:52:00+10:05
  Exploitation of the CVE-2014-4699 sysret Linux kernel vulnerability

CVE-2014-4014: Linux Kernel Local Privilege Escalation "exploitation"
  https://duasynt.com/blog/cve-2014-4014-local-privilege-escalation
  Vitaly Nikolenko, 2014-06-19T18:23:00+10:05
  Exploitation of CVE-2014-4014: incorrect use of inode_capable() in user namespaces

Differences in VMware hardware versions for exploit writers
  https://duasynt.com/blog/vmware-hardware-version-exploit-dev
  Vitaly Nikolenko, 2014-06-07T14:19:00+10:05
  VMware hardware versions prior to 9 do not support SMEP even if the CPU supports it

Linux kernel root exploit not working?
  https://duasynt.com/blog/linux-kernel-exploit-not-working
  Vitaly Nikolenko, 2014-06-04T21:21:00+10:05
  If your Linux kernel exploit is not working, check whether SMEP is supported by your CPU

CVE-2014-2851 group_info UAF Exploitation
  https://duasynt.com/blog/cve-2014-2851-group_info-use-after-free-exploitation
  Vitaly Nikolenko, 2016-01-02T00:10:00+10:05
  This is a case study of the use-after-free vulnerability which was assigned CVE-2014-2851 and affected Linux kernels through 3.14.1

CVE-2014-4943 - PPPoL2TP DoS Analysis
  https://duasynt.com/blog/cve-2014-4943-pppol2tp-dos-analysis
  Vitaly Nikolenko, 2015-10-01T18:38:00+10:05
  CVE-2014-4943 PPPoL2TP vulnerability DoS analysis - exploiting differences between PPPoL2TP and UDP sockets

Linux kernel module autoloading
  https://duasynt.com/blog/linux-kernel-module-autoloading
  Michael S, 2019-07-23T14:29:00+10:05
  Brief introduction to the Linux kernel module autoloading process, which significantly increases the kernel attack surface

CVE-2019-2215 Android Binder Use-after-free on Samsung S9
  https://duasynt.com/blog/cve-2019-2215-android-binder-uaf-s9
  Michael S, 2020-01-04T12:21:00+10:05
  Binder exploit on Samsung S9 devices

CVE-2019-15666 Ubuntu / CentOS / RHEL Linux Kernel 4.4 - 4.18 privilege escalation
  https://duasynt.com/blog/ubuntu-centos-redhat-privesc
  Vitaly Nikolenko, 2020-01-15T16:38:00+10:05
  Ubuntu 18.04 / 16.04 / 14.04 / CentOS 8 / RHEL 8 kernel local privilege escalation