milliways-infosec/dirtyfrag
5
0
Fork 0
mirror of https://github.com/V4bel/dirtyfrag.git synced 2026-05-16 10:50:10 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
20 commits 1 branch 0 tags 5.9 MiB
Commit graph

20 commits

This branch
This branch
All branches
Author SHA1 Message Date
Zi1chs
5ebf94f442 Port exploit to aarch64 
- Replace x86_64 shellcode/ELF in shell_elf[] with aarch64 equivalent
  (e_machine=0xb7, MOVZ/SVC instructions, syscall numbers 144/146/159/221).
- Update verify_byte() check at post-write to look for the aarch64 MOVZ
  opcode signature (0x80 0xd2) instead of the x86 (0x31 0xff).
- Update su_marker[] to match the first 8 bytes of the aarch64 shellcode.

Tested on Kali aarch64 6.19.11+kali-arm64; xfrm-ESP leg lands cleanly.
rxrpc leg is x86-only (oopses on aarch64 in flush_dcache_page).
 2026-05-12 11:23:36 +07:00
Zi1chs
557f760d6b Port exploit to aarch64 
- Replace x86_64 shellcode/ELF in shell_elf[] with aarch64 equivalent
  (e_machine=0xb7, MOVZ/SVC instructions, syscall numbers 144/146/159/221).
- Update verify_byte() check at post-write to look for the aarch64 MOVZ
  opcode signature (0x80 0xd2) instead of the x86 (0x31 0xff).
- Update su_marker[] to match the first 8 bytes of the aarch64 shellcode.

Tested on Kali aarch64 6.19.11+kali-arm64; xfrm-ESP leg lands cleanly.
rxrpc leg is x86-only (oopses on aarch64 in flush_dcache_page).
 2026-05-12 11:20:23 +07:00
V4bel
aab16fcada update 2026-05-11 02:29:16 +09:00
V4bel
cb2bc342d1 update 2026-05-11 02:19:41 +09:00
V4bel
5bb21af6dd update 2026-05-11 02:17:43 +09:00
V4bel
8beafb186f template 2026-05-10 05:57:35 +09:00
V4bel
882707286f typo 2026-05-10 04:27:55 +09:00
V4bel
07995be9d9 template 2026-05-08 18:21:57 +09:00
V4bel
f3dd525bf6 CVE 2026-05-08 18:19:19 +09:00
V4bel
4bc7ffe2fb template 2026-05-08 18:12:55 +09:00
V4bel
7f0f3a1390 CVE 2026-05-08 18:10:42 +09:00
V4bel
979a5d992d
Merge pull request #20 from Nriver/master 
Update README: clarify page cache cleanup after exploit
 2026-05-08 16:24:45 +09:00
Nate River
beeb925e30
Enhance mitigation instructions in README 
Updated mitigation instructions to include clearing the page cache after removing vulnerable modules.
 2026-05-08 13:49:44 +08:00
Nate River
f2796739b2
Update README: clarify page cache cleanup after exploit 2026-05-08 11:58:36 +08:00
V4bel
892d9a31d3 typo 2026-05-08 05:22:07 +09:00
V4bel
f351f5a0c2 typo 2026-05-08 05:15:10 +09:00
V4bel
3099b8a3c7 typo 2026-05-08 04:02:58 +09:00
V4bel
eb33132154 typo 2026-05-08 03:46:07 +09:00
V4bel
72f2b56c8b typo 2026-05-08 03:22:01 +09:00
V4bel
ea8b2efd81 init 2026-05-08 03:18:15 +09:00