A nice list of root exploits and working links
2008-01-14 21:39
459 查看
Linux
Common
Linux 2.2.x ->Linux kernel ptrace/kmod local root exploit (http://milw0rm.com/exploits/3)
Linux 2.2.x (on exported files, should be vuln) (http://milw0rm.com/exploits/718)
Linux <= 2.2.25 ->Linux Kernel 2.x mremap missing do_munmap Exploit (http://milw0rm.com/exploits/160)
Linux 2.4.x ->Linux kernel ptrace/kmod local root exploit (http://milw0rm.com/exploits/3)
Linux 2.4.x -> pwned.c - Linux 2.4 and 2.6 sys_uselib local root exploit (http://milw0rm.com/exploits/895)
Linux 2.4.x ->Linux kernel 2.4 uselib() privilege elevation exploit (http://milw0rm.com/exploits/778)
Linux 2.4.20 ->Linux Kernel Module Loader Local R00t Exploit (http://milw0rm.com/exploits/12)
Linux <= 2.4.22 ->Linux Kernel <= 2.4.22 (do_brk) Local Root Exploit (http://milw0rm.com/exploits/131)
Linux 2.4.22 ->Linux Kernel 2.4.22 "do_brk()" local Root Exploit (PoC) (http://milw0rm.com/exploits/129)
Linux <= 2.4.24 ->Linux Kernel 2.x mremap missing do_munmap Exploit (http://milw0rm.com/exploits/160)
Linux 2.4.x < 2.4.27-rc3 (on nfs exported files) (http://milw0rm.com/exploits/718)
Linux <= 2.6.2 ->Linux Kernel 2.x mremap missing do_munmap Exploit (http://milw0rm.com/exploits/160)
Linux 2.6.11 -> Linux Kernel <= 2.6.11 (CPL 0) Local Root Exploit (k-rad3.c) (http://milw0rm.com/exploits/1397)
Linux 2.6.13 <= 2.6.17.4 -> Linux Kernel 2.6.13 <= 2.6.17.4 prctl() Local Root Exploit (logrotate) (http://milw0rm.com/exploits/2031)
Linux 2.6.13 <= 2.6.17.4 -> Linux Kernel 2.6.13 <= 2.6.17.4 sys_prctl() Local Root Exploit (http://milw0rm.com/exploits/2011)
Linux 2.6.11 <= 2.6.17.4 -> h00lyshit.c -Linux Kernel <= 2.6.17.4 (proc) Local Root Exploit (http://milw0rm.com/exploits/2013)
Linux 2.6.x < 2.6.7-rc3 (default configuration) (http://milw0rm.com/exploits/718)
Linux 2.6.x -> pwned.c - Linux 2.4 and 2.6 sys_uselib local root exploit (http://milw0rm.com/exploits/895)
Debian
Debian 2.2 ->/usr/bin/pileup Local Root Exploit (http://milw0rm.com/exploits/1170)
Ubuntu
Ubuntu Breezy 5.10 Installer Password Disclosure Vulnerability (http://milw0rm.com/exploits/1579)
Slackware
Slackware 7.1 ->/usr/bin/Mail Exploit (http://milw0rm.com/exploits/285)
Mandrake
Mandrake 8.2 -> /usr/mail local exploit (http://milw0rm.com/exploits/40)
Mandrake <= 10.2 -> cdrdao Local Root Exploit (http://milw0rm.com/exploits/997)
Suse
SuSE Linux 9.1 -> 'chfn' local root bug (http://milw0rm.com/exploits/1299)
SuSE Linux 9.2 -> 'chfn' local root bug (http://milw0rm.com/exploits/1299)
SuSE Linux 9.3 -> 'chfn' local root bug (http://milw0rm.com/exploits/1299)
SuSE Linux 10.0 -> 'chfn' local root bug (http://milw0rm.com/exploits/1299)
SuSE Linux Enterprise Server 8 -> 'chfn' local root bug (http://milw0rm.com/exploits/1299)
SuSE Linux Enterprise Server 9 -> 'chfn' local root bug (http://milw0rm.com/exploits/1299)
BSD
Freebsd
Freebsd 3.5.1 ->Ports package local root (http://milw0rm.com/exploits/286)
Freebsd 4.2 ->Ports package local root (http://milw0rm.com/exploits/286)
FreeBSD 4.x <= 5.4) master.passwd Disclosure Exploit (http://milw0rm.com/exploits/1311)
Openbsd
Openbsd 2.x - 3.3 ->exec_ibcs2_coff_prep_zmagic() Kernel Exploit (http://milw0rm.com/exploits/125)
OpenBSD 3.x-4.0 ->vga_ioctl() root exploit (http://milw0rm.com/exploits/3094)
Sun-Microsystems
Solaris
Solaris 2.4 ->lion24.c (http://milw0rm.com/exploits/328)
Solaris 2.6 with 107733-10 and without 107733-11 (http://milw0rm.com/exploits/1182)
Solaris 2.6 with 107733-10 and without 107733-11 (http://milw0rm.com/exploits/1182)
Solaris 5.5.1 ->X11R6.3 xterm (http://milw0rm.com/exploits/338)
Solaris 7 with 106950-14 through 106950-22 and without 106950-23 (http://milw0rm.com/exploits/1182)
Solaris 7 with 106950-14 through 106950-22 and without 106950-23 (http://milw0rm.com/exploits/1182)
Solaris 7 without patch 107178-03 (http://milw0rm.com/exploits/714)
Solaris 7 without patch 107178-03 (http://milw0rm.com/exploits/713)
Solaris 8 without patch 108949-08 (http://milw0rm.com/exploits/713)
Solaris 8 without patch 108949-08 (http://milw0rm.com/exploits/714)
Solaris 8 with 109147-07 through 109147-24 and without 109147-25 (http://milw0rm.com/exploits/1182)
Solaris 8 with 108993-14 through 108993-31 and without 108993-32 (http://milw0rm.com/exploits/715)
Solaris 8 with 109147-07 through 109147-24 and without 109147-25 (http://milw0rm.com/exploits/1182)
Solaris 8 with 108993-14 through 108993-31 and without 108993-32 (http://milw0rm.com/exploits/715)
Solaris 9 without patch 116308-01 (http://milw0rm.com/exploits/714)
Solaris 9 without patch 116308-01 (http://milw0rm.com/exploits/713)
Solaris 9 without 113476-11 (http://milw0rm.com/exploits/715)
Solaris 9 without 112963-09 (http://milw0rm.com/exploits/1182)
Solaris 9 without 113476-11 (http://milw0rm.com/exploits/715)
Solaris 9 without 112963-09 (http://milw0rm.com/exploits/1182)
Solaris 10 (libnspr) Arbitrary File Creation Local Root Exploit (http://milw0rm.com/exploits/2543)
Solaris 10 (libnspr) constructor Local Root Exploit (http://milw0rm.com/exploits/2641)
SunOS
SunOS 5.10 Generic i86pc i386 i86pc (http://milw0rm.com/exploits/1073)
SunOS 5.9 Generic_112233-12 sun4u (http://milw0rm.com/exploits/1073)
Common
Linux 2.2.x ->Linux kernel ptrace/kmod local root exploit (http://milw0rm.com/exploits/3)
Linux 2.2.x (on exported files, should be vuln) (http://milw0rm.com/exploits/718)
Linux <= 2.2.25 ->Linux Kernel 2.x mremap missing do_munmap Exploit (http://milw0rm.com/exploits/160)
Linux 2.4.x ->Linux kernel ptrace/kmod local root exploit (http://milw0rm.com/exploits/3)
Linux 2.4.x -> pwned.c - Linux 2.4 and 2.6 sys_uselib local root exploit (http://milw0rm.com/exploits/895)
Linux 2.4.x ->Linux kernel 2.4 uselib() privilege elevation exploit (http://milw0rm.com/exploits/778)
Linux 2.4.20 ->Linux Kernel Module Loader Local R00t Exploit (http://milw0rm.com/exploits/12)
Linux <= 2.4.22 ->Linux Kernel <= 2.4.22 (do_brk) Local Root Exploit (http://milw0rm.com/exploits/131)
Linux 2.4.22 ->Linux Kernel 2.4.22 "do_brk()" local Root Exploit (PoC) (http://milw0rm.com/exploits/129)
Linux <= 2.4.24 ->Linux Kernel 2.x mremap missing do_munmap Exploit (http://milw0rm.com/exploits/160)
Linux 2.4.x < 2.4.27-rc3 (on nfs exported files) (http://milw0rm.com/exploits/718)
Linux <= 2.6.2 ->Linux Kernel 2.x mremap missing do_munmap Exploit (http://milw0rm.com/exploits/160)
Linux 2.6.11 -> Linux Kernel <= 2.6.11 (CPL 0) Local Root Exploit (k-rad3.c) (http://milw0rm.com/exploits/1397)
Linux 2.6.13 <= 2.6.17.4 -> Linux Kernel 2.6.13 <= 2.6.17.4 prctl() Local Root Exploit (logrotate) (http://milw0rm.com/exploits/2031)
Linux 2.6.13 <= 2.6.17.4 -> Linux Kernel 2.6.13 <= 2.6.17.4 sys_prctl() Local Root Exploit (http://milw0rm.com/exploits/2011)
Linux 2.6.11 <= 2.6.17.4 -> h00lyshit.c -Linux Kernel <= 2.6.17.4 (proc) Local Root Exploit (http://milw0rm.com/exploits/2013)
Linux 2.6.x < 2.6.7-rc3 (default configuration) (http://milw0rm.com/exploits/718)
Linux 2.6.x -> pwned.c - Linux 2.4 and 2.6 sys_uselib local root exploit (http://milw0rm.com/exploits/895)
Debian
Debian 2.2 ->/usr/bin/pileup Local Root Exploit (http://milw0rm.com/exploits/1170)
Ubuntu
Ubuntu Breezy 5.10 Installer Password Disclosure Vulnerability (http://milw0rm.com/exploits/1579)
Slackware
Slackware 7.1 ->/usr/bin/Mail Exploit (http://milw0rm.com/exploits/285)
Mandrake
Mandrake 8.2 -> /usr/mail local exploit (http://milw0rm.com/exploits/40)
Mandrake <= 10.2 -> cdrdao Local Root Exploit (http://milw0rm.com/exploits/997)
Suse
SuSE Linux 9.1 -> 'chfn' local root bug (http://milw0rm.com/exploits/1299)
SuSE Linux 9.2 -> 'chfn' local root bug (http://milw0rm.com/exploits/1299)
SuSE Linux 9.3 -> 'chfn' local root bug (http://milw0rm.com/exploits/1299)
SuSE Linux 10.0 -> 'chfn' local root bug (http://milw0rm.com/exploits/1299)
SuSE Linux Enterprise Server 8 -> 'chfn' local root bug (http://milw0rm.com/exploits/1299)
SuSE Linux Enterprise Server 9 -> 'chfn' local root bug (http://milw0rm.com/exploits/1299)
BSD
Freebsd
Freebsd 3.5.1 ->Ports package local root (http://milw0rm.com/exploits/286)
Freebsd 4.2 ->Ports package local root (http://milw0rm.com/exploits/286)
FreeBSD 4.x <= 5.4) master.passwd Disclosure Exploit (http://milw0rm.com/exploits/1311)
Openbsd
Openbsd 2.x - 3.3 ->exec_ibcs2_coff_prep_zmagic() Kernel Exploit (http://milw0rm.com/exploits/125)
OpenBSD 3.x-4.0 ->vga_ioctl() root exploit (http://milw0rm.com/exploits/3094)
Sun-Microsystems
Solaris
Solaris 2.4 ->lion24.c (http://milw0rm.com/exploits/328)
Solaris 2.6 with 107733-10 and without 107733-11 (http://milw0rm.com/exploits/1182)
Solaris 2.6 with 107733-10 and without 107733-11 (http://milw0rm.com/exploits/1182)
Solaris 5.5.1 ->X11R6.3 xterm (http://milw0rm.com/exploits/338)
Solaris 7 with 106950-14 through 106950-22 and without 106950-23 (http://milw0rm.com/exploits/1182)
Solaris 7 with 106950-14 through 106950-22 and without 106950-23 (http://milw0rm.com/exploits/1182)
Solaris 7 without patch 107178-03 (http://milw0rm.com/exploits/714)
Solaris 7 without patch 107178-03 (http://milw0rm.com/exploits/713)
Solaris 8 without patch 108949-08 (http://milw0rm.com/exploits/713)
Solaris 8 without patch 108949-08 (http://milw0rm.com/exploits/714)
Solaris 8 with 109147-07 through 109147-24 and without 109147-25 (http://milw0rm.com/exploits/1182)
Solaris 8 with 108993-14 through 108993-31 and without 108993-32 (http://milw0rm.com/exploits/715)
Solaris 8 with 109147-07 through 109147-24 and without 109147-25 (http://milw0rm.com/exploits/1182)
Solaris 8 with 108993-14 through 108993-31 and without 108993-32 (http://milw0rm.com/exploits/715)
Solaris 9 without patch 116308-01 (http://milw0rm.com/exploits/714)
Solaris 9 without patch 116308-01 (http://milw0rm.com/exploits/713)
Solaris 9 without 113476-11 (http://milw0rm.com/exploits/715)
Solaris 9 without 112963-09 (http://milw0rm.com/exploits/1182)
Solaris 9 without 113476-11 (http://milw0rm.com/exploits/715)
Solaris 9 without 112963-09 (http://milw0rm.com/exploits/1182)
Solaris 10 (libnspr) Arbitrary File Creation Local Root Exploit (http://milw0rm.com/exploits/2543)
Solaris 10 (libnspr) constructor Local Root Exploit (http://milw0rm.com/exploits/2641)
SunOS
SunOS 5.10 Generic i86pc i386 i86pc (http://milw0rm.com/exploits/1073)
SunOS 5.9 Generic_112233-12 sun4u (http://milw0rm.com/exploits/1073)
相关文章推荐
- the principle and usage of va_list
- [转]The Big List of JavaScript, CSS, and HTML Development Tools, Libraries, Projects, and Books
- mysql遇见Expression #1 of SELECT list is not in GROUP BY clause and contains nonag
- 【DataStructure】Descriptioin and usage of List
- 【HTML5/CSS/JS】A list of Font Awesome icons and their CSS content values(一)
- List of X$ Tables and how the names are derived
- MM--A List of Tables and Tcodes about MM
- [Err] 1055 - Expression #1 of SELECT list is not in GROUP BY clause and contains nonaggregated colum
- Codeforces Codeforces Round #432 (Div. 2 D ) Arpa and a list of numbers
- Codeforces Codeforces Round #432 (Div. 2 D ) Arpa and a list of numbers
- 【前缀和】【枚举倍数】 Codeforces Round #432 (Div. 2, based on IndiaHacks Final Round 2017) D. Arpa and a list of numbers
- Codeforces 851 D. Arpa and a list of numbers(技巧)
- Codeforces Round #432 (Div. 1) B. Arpa and a list of numbers
- Docker安装MySQL遇见Expression #1 of SELECT list is not in GROUP BY clause and contains nonaggre的问题
- List of maintainers and how to submit kernel changes
- scrollTo(String text) and scrollToExact(String text) method of Android Driver not working
- #1055 - Expression of SELECT list is not in GROUP BY clause and contains nonaggregated column this i
- [88] A brief list of Goa'uld words and phrases.
- MySQL: Expression #2 of SELECT list is not in GROUP BY clause and contains nonaggregated column 'sss