
ant4g0nist / Vulnerable Kext

Licence: mit
A WIP "Vulnerable by Design" kext for iOS/macOS to play & learn *OS kernel exploitation


Projects that are alternatives of or similar to Vulnerable Kext

Hacksysextremevulnerabledriver
HackSys Extreme Vulnerable Windows Driver
Stars: ✭ 1,330 (+607.45%)
Mutual labels:  driver, kernel, exploitation, vulnerabilities
Deos
The distributed exokernel operating system
Stars: ✭ 80 (-57.45%)
Mutual labels:  driver, kernel
Hacker Roadmap
📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.
Stars: ✭ 7,752 (+4023.4%)
Mutual labels:  exploitation, vulnerabilities
Windows Kernel Explorer
A free but powerful Windows kernel research tool.
Stars: ✭ 1,299 (+590.96%)
Mutual labels:  driver, kernel
Binexp
Linux Binary Exploitation
Stars: ✭ 742 (+294.68%)
Mutual labels:  exploitation, vulnerabilities
Hidden
Windows driver with usermode interface which can hide objects of file-system and registry, protect processes and etc
Stars: ✭ 768 (+308.51%)
Mutual labels:  driver, kernel
Ntphp
Ever wanted to execute PHP in your kernel driver? Look no further!
Stars: ✭ 76 (-59.57%)
Mutual labels:  driver, kernel
Awesome Windows Security Development
awesome-windows-security-development
Stars: ✭ 154 (-18.09%)
Mutual labels:  driver, kernel
Pakuri
Penetration test Achieve Knowledge Unite Rapid Interface
Stars: ✭ 125 (-33.51%)
Mutual labels:  exploitation, vulnerabilities
Arissploit
Arissploit Framework is a simple framework designed to master penetration testing tools. Arissploit Framework offers simple structure, basic CLI, and useful features for learning and developing penetration testing tools.
Stars: ✭ 114 (-39.36%)
Mutual labels:  exploitation, vulnerabilities
Paper collection
Academic papers related to fuzzing, binary analysis, and exploit dev, which I want to read or have already read
Stars: ✭ 710 (+277.66%)
Mutual labels:  kernel, exploitation
Ksocket
KSOCKET provides a very basic example how to make a network connections in the Windows Driver by using WSK
Stars: ✭ 183 (-2.66%)
Mutual labels:  driver, kernel
Exploit Writeups
A collection where my current and future writeups for exploits/CTF will go
Stars: ✭ 676 (+259.57%)
Mutual labels:  exploitation, vulnerabilities
Garhal csgo
A project that demonstrates how to screw with CSGO from Kernel Space. (CSGO Kernel Cheat/Hack) All cleaned up, and with updated offsets.
Stars: ✭ 179 (-4.79%)
Mutual labels:  driver, kernel
Kernelpop
kernel privilege escalation enumeration and exploitation framework
Stars: ✭ 628 (+234.04%)
Mutual labels:  kernel, vulnerabilities
Pplkiller
Protected Processes Light Killer
Stars: ✭ 453 (+140.96%)
Mutual labels:  driver, kernel
Android Kernel Exploitation
Android Kernel Exploitation
Stars: ✭ 313 (+66.49%)
Mutual labels:  kernel, exploitation
Winspd
Windows Storage Proxy Driver - User mode disk storage
Stars: ✭ 335 (+78.19%)
Mutual labels:  driver, kernel
Osee
Collection of resources for my preparation to take the OSEE certification.
Stars: ✭ 98 (-47.87%)
Mutual labels:  kernel, exploitation
Pubg Pak Hacker
use windows kernel deriver hidden file and itself to Bypass BE
Stars: ✭ 157 (-16.49%)
Mutual labels:  driver, kernel

Vulnerable Kext

License: MIT

A WIP (work-in-progress) "Vulnerable by Design" kext for iOS/macOS to play with and learn *OS kernel exploitation

Usage

  • Documentation can be found at https://fuzzing.science/vulnerable-kext

  • Basic setup requirements

    • An iOS device that can be jailbroken with checkra1n
    • The makefiles are currently written for macOS, so you need a Mac or a macOS VM.
  • Running the following command makes checkra1n listen for attached iOS devices in DFU mode and boot them into pongoOS:

    /Applications/checkra1n.app/Contents/MacOS/checkra1n -c -p

  • Run run.sh to build kext_loader, pongo_module and the vulnerable kext, and to start kext_loader. kext_loader waits for a device that has booted into the pongo shell.

    ./run.sh

For more details about ktrw, see the ktrw project.

Disclaimer

Vulnerable-Kext is an intentionally vulnerable kext for iOS/macOS, meant for educational purposes only.

TODO

  • [ ] Add IOKit stuff
  • [ ] Add vulnerabilities from reported XNU/IOKit bugs? 🤔
  • [ ] Maybe improve stability of loading kexts
  • [ ] Fix the bugs in the vulnerabilities I implemented 🧐
  • [ ] Add Writeups for exploitation

Credits

  • @_bazad for the super awesome ktrw
  • checkra1n team for the jailbreak
  • The kext template is from twic