Glenn McGuire glen-mac
glen-mac
/ poc.c
Created
September 16, 2021 09:42
— forked from infernalheaven/poc.c
macOS 11.5.2/iOS 14.7.1 Kernel Race Condition poc
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| Written By Pan ZhenPeng(@peterpan980927) of Alibaba Security Pandora Lab | |
| use it on macOS: cc poc.c -o poc while True; do ./poc ; done | |
| */ | |
| #include <errno.h> | |
| #include <signal.h> | |
| #include <fcntl.h> | |
| #include <stdio.h> | |
| #include <stdlib.h> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| # size of swapfile in megabytes | |
| swapsize=512 | |
| # does the swap file already exist? | |
| grep -q "swapfile" /etc/fstab | |
| # if not then create it | |
| if [ $? -ne 0 ]; then |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # CSAW 2017 Auir PWN challenge solution by glem | |
| # https://glennmcgui.re/csaw-17-auir/ | |
| from pwn import * | |
| #context.log_level = 'debug' | |
| class auirPwn: | |
| def __init__(self, p): | |
| self.p = p | |
| self.index = 0 |
glen-mac
/ windows_hevd_exploit_sbof.c
Last active
July 31, 2019 02:38
HEVD Windows Kernel Driver Exploit - Stack Overflow
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <windows.h> | |
| #include <winioctl.h> | |
| #include <stdio.h> | |
| #include <stdint.h> | |
| /* | |
| HEVD Windows Driver Exploit for the Stack Buffer Overflow | |
| Written by glem - have fun :) | |
| */ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Solution to RHME3 Quals 'Exploitation' | |
| # glem | |
| from pwn import * | |
| context.log_level = 'debug' | |
| class rhme3Pwn: | |
| def __init__(self, p): | |
| self.p = p |
glen-mac
/ analyse_mbr.c
Last active
April 28, 2023 14:39
A little program to analyse the mbr of any drive on your system, and provide information about the partitions
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* analyse_mbr.c by glem */ | |
| #include <stdio.h> | |
| #include <stdlib.h> | |
| #include <stdint.h> | |
| #define MBR_SIZE 512 | |
| #define NUM_PARTITIONS 4 | |
| /* offsets within the MBR */ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| #include <stdlib.h> | |
| #include <string.h> | |
| char buf[32]; | |
| int main(int argc, char* argv[], char* envp[]){ | |
| if(argc<2){ | |
| printf("pass argv[1] a number\n"); | |
| return 0; | |
| } | |
| int fd = atoi( argv[1] ) - 0x1234; |