This repository collects Linux kernel exploits for various real-world kernel vulnerabilities. More exploits are yet to come.
This repo contains the exploits developed during a research project, as well as the code of FUZE to facilitate exploit generation.
FUZE is a framework that facilitates Linux kernel exploitation; here is the basic idea of how it works:
Dependencies: angr, qemu-system-x86_64, ROPGadget, pwntools, GDB, gef, capstone, KASAN, ftrace
To install FUZE, run the following commands:
git clone https://github.com/ww9210/Linux_kernel_exploits
cd Linux_kernel_exploits
python setup.py install --user
Usage documentation is still a TODO; for now you can browse the code under fuze/test.
For more details on facilitating Linux kernel exploit generation, please refer to our USENIX Security paper:
@inproceedings{wu18fuze,
title={FUZE: Towards Facilitating Exploit Generation for Kernel Use-After-Free Vulnerabilities},
author={Wu, Wei and Chen, Yueqi and Xu, Jun and Xing, Xinyu and Gong, Xiaorui and Zou, Wei},
booktitle={27th USENIX Security Symposium (USENIX Security 18)},
organization={USENIX Association}
}
If this repo is of help to your research, we would appreciate you citing the above paper.