Linux kernel exploitation experiments

This is a playground for the Linux kernel exploitation experiments. Only basic methods. Just for fun.

Contents:

• drill_mod.c - a small Linux kernel module with nice vulnerabilities. You can interact with it via a simple debugfs interface.
• drill_exploit_uaf.c - a basic use-after-free exploit.
• drill_exploit_nullderef.c - a basic null-ptr-deref exploit, which uses wonderful mmap_min_addr bypass by Jann Horn.

N.B. Only basic exploit techniques here. So compile your kernel with x86_64_defconfig and run it with pti=off nokaslr.

License: GPL-3.0.

Have fun!

Repositories

• At GitHub: https://github.com/a13xp0p0v/kernel-hack-drill
• At Codeberg: https://codeberg.org/a13xp0p0v/kernel-hack-drill (go there if something goes wrong with GitHub)
• At GitFlic: https://gitflic.ru/project/a13xp0p0v/kernel-hack-drill