Exploits and proof of concepts



The following lists exploits and proof of concepts written by Hector Marco-Gisbert.

Proof of concepts (PoC) are examples to demonstrate the vulnerability but without exploit the real target. I write proof of concepts when the vulnerability is not exploitable by itself (require another vulnerability) or for the sake of the clarify. You should not worry about execute them.

In other side exploits are real attacks to a target. Depending of the concrete exploit you will get a root shell, crash a service etc,. You should keep this in mind before execute any exploit.




Published exploits

Date Vendor Description Platform Download
2015 Glibc <= 2.22.90 Bypass Pointer Mangle protection. Linux [PoC]
2015 Email Android 4.2 Remote Denial of service in Android Email app. Android [exploit]
2014 Linux <= 3.18 Offset2lib: Bypass 64-bit ASLR in < 1 second Linux [exploit]
2014 Sniffit <= 0.3.7 Sniffit Stack buffer overflow - root shell Linux [exploit]
2013 Glibc <= 2.17 Glibc PTR Mangle encryption useless - PoC Linux [PoC]




Hector Marco - http://hmarco.org