jm33_ng
  • Course notes
  • Misc
  • Pentest
  • Programming
  • Tools
  • Vulnerabilities

jm33_ng


cyber security / noob developer / poor English

CVE-2019-13272: Linux LPE via 'PTRACE_TRACEME'

Date Fri 23 August 2019 Tags CVE / LPE / Linux / PTRACE_TRACEME / ptrace / exploit

banner

what is ptrace

ptrace() system call stands for process trace, which provides a way for debuggers such as gdb/strace to control a process (tracee). "debuggers" can be any process that sends a PTRACE_ATTACH/PTRACE_SEIZE, or receives a PTRACE_TRACEME from its child.

several things to notice:

  1. a tracee's ptrace relationship …

View comments.

more ...

CVE-2018-18955 - A Handy LPE for Newer Linux Kernels

Date Thu 24 January 2019 Tags CVE / CVE-2018-18955 / linux kernel / namespace / privilege escalation

banner

中文版已发Freebuf

theres no posts about this cve as far as i know, and the original advisory is just too difficult for newbies like me, so..

warm up

whats user namespace

lets assume you use linux, man user_namespaces will give you what you need

in case …

View comments.

more ...
  • «
  • 1
  • 2
  • »

About jm33

Who

  • Cyber Security Researcher

Contact

  • 0x3A5DBF07

  • Mastodon

  • Leave a message

  • Social

    • Twitter
    • GitHub
    • LinkedIn
    • StackOverflow

  • Recent Posts

    • CVE-2019-13272: Linux LPE via 'PTRACE_TRACEME'
    • CVE-2018-18955 - A Handy LPE for Newer Linux Kernels
    • An RCE Approach of CVE-2018-7750

  • Tags
    • 2024
    • 404
    • 443
    • active directory
    • ad
    • announcement
    • antivirus
    • anyconnect
    • apache
    • arch
    • assembly
    • asu
    • backdoor
    • baidu
    • blackhat
    • bridge
    • buffer overflow
    • C#
    • career
    • censorship
    • cgo
    • cisco
    • code maintainance
    • compton
    • conhost
    • conpty
    • Coursera
    • credential harvesting
    • crypto
    • cryptography
    • CVE
    • CVE-2018-18955
    • CVE-2018-7750
    • diary
    • DNS污染
    • DPI
    • elf
    • email
    • emp3r0r
    • exploit
    • file transfer
    • gdb
    • gfw
    • ghidra
    • github
    • Glowing Bear
    • golang
    • gpu
    • great wall
    • greatwall
    • hacking
    • hacking tool
    • HiWiFi
    • HTTP2
    • https
    • injection
    • IRC
    • 极路由
    • KCP
    • kcptun
    • kernel
    • killer
    • lede
    • libvirt
    • life
    • linux
    • linux kernel
    • lkm
    • loader
    • log cleaner
    • LPE
    • macos
    • mass exploit
    • mec
    • memory layout
    • mentohust
    • Misc
    • mouse
    • multi-threaded crawler
    • namespace
    • natural scroll
    • netcat
    • network
    • nic
    • obfs4
    • obfsproxy
    • ocserv
    • openwrt
    • paramiko
    • pentest
    • pep8
    • PGP
    • pi
    • port-forwarding
    • post-exploitation
    • privilege escalation
    • programming
    • project
    • proxy
    • ptrace
    • PTRACE_TRACEME
    • python
    • pythonic
    • qemu
    • QQ
    • quote
    • RCE
    • redteam
    • reverse shell
    • reversing
    • rootkit
    • s2-045
    • scanner
    • scramblesuit
    • secure boot
    • SEED lab
    • sfu
    • shadowsocks
    • shadowsocks-plus
    • shell
    • shellcode
    • socket
    • SS
    • ssh
    • ssh-harvester
    • sshd
    • SSL
    • Stanford
    • sudo
    • switch
    • systemd
    • terminal
    • Thomas Jefferson
    • TMUX
    • tools
    • trasparent proxy
    • vim
    • virtualbox
    • virtualization
    • vpn
    • wayland
    • web
    • weechat
    • windows
    • windows domain
    • windows server
    • xfce4
    • xfwm
    • xhost
    • xml
    • zoomeye
© 2019 jm33-ng - About this site

Creative Commons License Content licensed under a Creative Commons Attribution-NonCommercial 4.0 International License, except where indicated otherwise.

Images hosted on this site are either my own or from the Internet