So this project has been getting a little attention! I think most of the traffic came from
tweets by @Kitploit aka The Hacker Tools so thanks. Unfortunately,
the version they debuted was before I had implemented the exploitation mode, so hopefully people
check back on the project and remember to git pull.
The new mode that I added is called exploit mode. It is useful when paired with enumeration to
automatically perform kernel privilege escalation through a chosen exploit. An example of the
enumeration to root process is something like this:
Here we enumerate the machine we are running on and confirm that it is vulnerable to CVE-2016-5195,
or dirtycow. Then, we use kernelpop to perform an automated compilation
and exploitation of the identified exploit to get our root shell!
Exploit mode can also be performed without enumeration if you’d like to just blind-fire exploits off
at the target. This could be useful in situations where you are sure that a kernel is vulnerable to
a particular exploit, but for some reason or another kernelpop doesn’t identify it as a workable
option.
As the project progresses, I will continue to add more exploits to the framework along with streamlined
usability and functionality. If you have any feedback, let me know at coastalsec@protonmail.com or
open an issue / comment on the project on GitHub. Thanks
for reading and I hope you find the project useful!
-coastal