Skip to content
Linux kernel exploitation experiments
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
Makefile
README.md
drill_exploit_nullderef.c
drill_exploit_uaf.c
drill_mod.c
prep_trace.sh
prep_usr.sh

README.md

Linux kernel exploitation experiments

This is a playground for the Linux kernel exploitation experiments. Only basic methods. Just for fun.

Contents:

  • drill_mod.c - a small Linux kernel module with nice vulnerabilities. You can interact with it via a simple debugfs interface.
  • drill_exploit_uaf.c - a basic use-after-free exploit.
  • drill_exploit_nullderef.c - a basic null-ptr-deref exploit, which uses wonderful mmap_min_addr bypass by Jann Horn.

N.B. Only basic exploit techniques here. So compile your kernel with x86_64_defconfig and run it with pti=off nokaslr.

Have fun!

You can’t perform that action at this time.