PwnKit Self-contained exploit for CVE-2021-4034 - Pkexec Local Privilege Escalation Usage Should work out of the box on Linux distributions based on U

CVE-2021-4034 One day for the polkit privilege escalation exploit Just execute make, ./cve-2021-4034 and enjoy your root shell. The original advisory

CVE-2021-4034 Exploit Usage $ git clone https://github.com/whokilleddb/CVE-2021-4034 $ cd CVE-2021-4034 $ make [!] CVE-2021-4034 Exploit By whokilledd

desc_race "desc_race" (CVE-2021-30955) exploit for iOS 15.0 - 15.1.1 (with stable kernel r/w primitives) Tested to work on iPhone13,2 running iOS 15.1

Introduction Over the past few weeks, I've been doing some hypervisor research here and there, with most of my focus being on PCI device emulation cod

Exploit and Proof of Concept (PoC) for CVE-2020-15368. Asrock repackaged rweverything driver for their RGB controller configuration tool and signed it. They "protect" it by encrypting their ioctls...lol. We found this CVE by accident last summer, and afaik the driver still isn't patched. The impact is of course arbitrary code execution in kernel, etc. So enjoy this "0day" lol.

xattr-oob-swap CVE-2020-27904: a tfp0 bug for macOS 10.15.x and below. Demo exploit code for my talk at BlackHat ASIA 2021. The vulnerability has been

CVE-2020-0668 Made CVE-2020-0668 exploit work for version win10 v1903 and version = win10 v1903 Diaghub Exploit ( v1903) powershell exploit works

This repository contains a personal collection of Windows CVE I have turned in to exploit source, as well as a collection of payloads I've written to

Dirty-Pipe (PoC) What is it? Dirty-Pipe is a vulnerability which allows us to overwrite files even if they have read-only permissions. This vulnerabil

wowInjector Inject payload to WOW64(Windows 32 on Windows 64) process via exploit 32-bit thread snapshot. This trick makes us possible to do malicious

CVE-2021-3156 Root shell PoC for CVE-2021-3156 (no bruteforce) For educational purposes etc. Tested on Ubuntu 20.04 against sudo 1.8.31 All research c

CVE-2021-3156 This is a warehouse modification based on @CptGibbon and supports arbitrary command execution. 相关阅读：CVE-2021-3156 - Exploit修改 Root shell

CVE-2021-3156 PoC for CVE-2021-3156 (sudo heap overflow). Exploit by @gf_256 aka cts. Thanks to r4j from super guesser for help. Credit to Braon Samed

vsock_poc Investigating the bug behind CVE-2021-26708 This repo contains a small writeup about CVE-2021-26708, and how this bug can be turned into a U

CVE-2021-1732 CVE-2021-1732 Microsoft Windows 10 本地提权漏 研究及Poc/Exploit开发 受影响系统及应用版本 Windows Server, version 20H2 (Server Core Installation) Windows 10

CVE-2021-28476: a guest-to-host "Microsoft Hyper-V Remote Code Execution Vulnerability" in vmswitch.sys. This is a proof of concept for CVE-2021-28476

CVE-2021-32537: Out-of-bounds access in RTKVHD64 leading to pool corruption. This is a bug that I reported to Realtek beginning of April 2021. The aff

Local Privilege Escalation Edition of CVE-2021-1675/CVE-2021-34527 Local Privilege Escalation implementation of the CVE-2021-1675/CVE-2021-34527 (a.k.