Using Kernel Exploits
Unstable, but handy when nothing else on the box gives you a way up.
Some Info
What is a Kernel?
A kernel is the core of the operating system. It runs in privileged mode, owns the hardware (CPU, memory, devices) and enforces the boundaries between processes and between users. User programs never touch the hardware themselves: they ask the kernel to do it through system calls. The shell is just one such program; it launches other programs, which then make their own system calls to the kernel.
What are Kernel Exploits?
The kernel has full control of the system and is the component that enforces user and process privileges. A memory-safety bug or a missing permission check in kernel code can therefore be turned into a write or code execution in kernel context, which is enough to give the attacker's process root credentials, or to overwrite a file the attacker is not allowed to write. That is what a kernel exploit does: it triggers a known kernel vulnerability in a controlled way to escalate from an unprivileged local user to root.
How to find?
Find the kernel version: uname -a and cat /proc/version give the running kernel, and cat /etc/os-release (or /etc/issue) gives the distribution and release. Record both, because distributions backport fixes without changing the upstream version number, so the distro package build (the part after the dash in uname -r) often decides whether a CVE still applies.
Search the exact version string for CVEs and public exploit code, for example with searchsploit or on Exploit-DB (Linux is open source, so most exploit code for it is public too). Read the exploit before using it: check the kernel range, architecture and distribution it was written for.
Compile and run. Most exploits are C, so check that gcc exists on the target and that the binary matches the target's architecture; if there is no compiler, build off-box against the same architecture and libc and copy the binary over.
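The three steps above as one triage script. This is an added example, not code from the original page: it collects the version strings the page tells you to look up, normalises a release string such as 3.13.0-24-generic to a comparable number, and matches it against a small candidate table. The table is constructed from the two CVEs listed further down this page only, the ranges are upstream kernel versions (the overlayfs one is really Ubuntu-build specific), and the Exploit-DB ids are the ones the page cites; treat it as a template to extend, not as an authoritative list.

```shell
#!/bin/sh
# Added example (not from the original page): kernel-version triage for
# local privilege-escalation candidates.

# Normalise "3.13.0-24-generic" to major*1000000 + minor*1000 + patch.
# Everything after the first "-" (distro build number, flavour) is dropped,
# because CVE ranges are expressed against the upstream x.y.z version.
# Body runs in a subshell so the helper variables stay local (POSIX sh).
kver_num() (
    base=${1%%-*}
    major=$(printf '%s\n' "$base" | cut -s -d. -f1)
    minor=$(printf '%s\n' "$base" | cut -s -d. -f2)
    patch=$(printf '%s\n' "$base" | cut -s -d. -f3)
    echo $(( ${major:-0} * 1000000 + ${minor:-0} * 1000 + ${patch:-0} ))
)

# Return 0 when release $1 lies within [$2, $3] inclusive, else 1.
kver_in_range() {
    [ "$(kver_num "$1")" -ge "$(kver_num "$2")" ] &&
    [ "$(kver_num "$1")" -le "$(kver_num "$3")" ]
}

# Constructed candidate table: CVE|lowest affected|highest affected|note.
# Upstream ranges only: CVE-2015-1328 is fixed in Ubuntu's own 3.19.0-21
# build, which this coarse match cannot see. Always confirm the distro
# package changelog before trusting a hit.
CANDIDATES='CVE-2015-1328|3.13.0|3.19.0|overlayfs (Ubuntu kernels), EDB-37292
CVE-2016-5195|2.6.22|4.8.2|Dirty COW, EDB-40616'

# Print "CVE note" for every table entry whose range contains release $1.
kver_candidates() {
    printf '%s\n' "$CANDIDATES" | while IFS='|' read -r cve lo hi note; do
        if kver_in_range "$1" "$lo" "$hi"; then
            printf '%s %s\n' "$cve" "$note"
        fi
    done
}

# Live enumeration on the target: the strings you search for, plus whether
# you can compile on the box at all.
enum_kernel() {
    echo "release : $(uname -r 2>/dev/null || echo unknown)"
    echo "arch    : $(uname -m 2>/dev/null || echo unknown)"
    [ -r /proc/version ]   && echo "version : $(cat /proc/version)"
    [ -r /etc/os-release ] && echo "distro  : $(. /etc/os-release; echo "$PRETTY_NAME")"
    if command -v gcc >/dev/null 2>&1; then
        echo "compiler: $(gcc --version | head -n 1)"
    else
        echo "compiler: none (build off-box for this arch and libc)"
    fi
    return 0
}

enum_kernel
echo "candidates for $(uname -r 2>/dev/null || echo unknown):"
kver_candidates "$(uname -r 2>/dev/null || echo 0.0.0)"
```

A release such as 3.19.0-21-generic still matches the overlayfs entry because the build number is discarded; that is the backport problem from step one, and the reason the table output is a reading list, not a verdict.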
Why you shouldn't use these?
These exploits are unreliable: many depend on winning a race or on the exact kernel build, configuration and hardware, and a failed attempt can panic the kernel or corrupt the system badly enough that it will not boot again. In a pentest that is usually unacceptable, so treat kernel exploits as a last resort, get the client's agreement before running one, and prefer a snapshot or a throwaway copy of the target where that is possible.
Popular Exploits
Local Privilege Escalation using 'overlayfs'
Kernel Version: 3.13.0 up to 3.19 on Ubuntu 12.04 / 14.04 / 14.10 / 15.04 (fixed in Ubuntu's 3.19.0-21 build) CVE-2015-1328
Link: https://ubuntu.com/security/CVE-2015-1328
Exploit code: https://www.exploit-db.com/exploits/37292
Dirty CoW, a race condition in the kernel's copy-on-write handling of private memory mappings (SUID Method). This variant gains root by writing a payload over an existing setuid-root binary, so copy that binary somewhere safe before running it and restore it afterwards.
Kernel Version: 2.6.22 through 4.8.2 (fixed in 4.8.3 and in distribution backports) CVE-2016-5195
Source: http://www.exploit-db.com/exploits/40616