This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python2 | |
""" | |
Author: takeshix <[email protected]> | |
PoC code for CVE-2014-0160. Original PoC by Jared Stafford ([email protected]). | |
Supportes all versions of TLS and has STARTTLS support for SMTP,POP3,IMAP,FTP and XMPP. | |
""" | |
import sys,struct,socket | |
from argparse import ArgumentParser |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Quick and dirty demonstration of CVE-2014-0160 by Jared Stafford ([email protected]) | |
# The author disclaims copyright to this source code. | |
import sys | |
import struct | |
import socket | |
import time | |
import select | |
import re | |
import codecs |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/perl | |
#Apache httpd Remote Denial of Service (memory exhaustion) | |
#By Kingcope | |
#Year 2011 | |
# | |
# Will result in swapping memory to filesystem on the remote side | |
# plus killing of processes when running out of swap space. | |
# Remote System becomes unstable. | |
# | |
# PREVENTION : ADD THIS TO APACHE.CONF |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
//Android.mk にて、「LOCAL_CFLAGS := -fno-stack-protector -mno-thumb -O0」を指定すること。 | |
#include <stdio.h> | |
#include <stdlib.h> | |
#include <sys/socket.h> | |
#include <arpa/inet.h> | |
#include <pthread.h> | |
#include <sys/mman.h> | |
#include <sys/syscall.h> | |
#include <linux/futex.h> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
//Android.mk にて、「LOCAL_CFLAGS := -fno-stack-protector -mno-thumb -O0」を指定すること。 | |
#include <stdio.h> | |
#include <stdlib.h> | |
#include <sys/socket.h> | |
#include <arpa/inet.h> | |
#include <pthread.h> | |
#include <sys/mman.h> | |
#include <sys/syscall.h> | |
#include <linux/futex.h> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
//Android.mk にて、「LOCAL_CFLAGS := -fno-stack-protector -mno-thumb -O0」を指定すること。 | |
#include <stdio.h> | |
#include <stdlib.h> | |
#include <sys/socket.h> | |
#include <arpa/inet.h> | |
#include <pthread.h> | |
#include <sys/mman.h> | |
#include <sys/syscall.h> | |
#include <linux/futex.h> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
/* | |
* Copyright (C) 2013 The Android Open Source Project | |
* | |
* Licensed under the Apache License, Version 2.0 (the "License"); | |
* you may not use this file except in compliance with the License. | |
* You may obtain a copy of the License at | |
* | |
* http://www.apache.org/licenses/LICENSE-2.0 | |
* | |
* Unless required by applicable law or agreed to in writing, software |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
To use msm_acdb explot we need to work 4 steps. | |
1. Find how to run command with root or system previlege | |
2. Get offset for registers to setup | |
3. Choose proper code in kernel image | |
4. Setup parameters in acdb.c | |
1. Find how to run command with root or system previlege | |
Do it your self. :-P |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
* 本来の流れ | |
do_vfs_ioctlはacdb_ioctlをコールし、(1)のコードでリターンする。 | |
do_vfs_ioctl: | |
STMPW [SP], { R4-R9, LR } | |
... | |
BL acdb_ioctl | |
... | |
ADD SP, SP, #$44 // (2) | |
LDMUW [SP], { R4-R9, PC } // (1) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
//Android.mk にて、「LOCAL_CFLAGS := -fno-stack-protector -mno-thumb -O0」を指定すること。 | |
#include <stdio.h> | |
#include <stdlib.h> | |
#include <sys/socket.h> | |
#include <arpa/inet.h> | |
#include <pthread.h> | |
#include <sys/mman.h> | |
#include <sys/syscall.h> | |
#include <linux/futex.h> |