kernelpop Exploit Mode


Posted by coastal on November 7, 2017

So this project has been getting a little attention! I think most of the traffic came from tweets by @Kitploit aka The Hacker Tools so thanks. Unfortunately, the version they debuted was before I had implemented the exploitation mode, so hopefully people check back on the project and remember to git pull.

The new mode that I added is called exploit mode. It is useful when paired with enumeration to automatically perform kernel privilege escalation through a chosen exploit. An example of the enumeration to root process is something like this:

Here we enumerate the machine we are running on and confirm that it is vulnerable to CVE-2016-5195, a.k.a. Dirty COW. Then, we use kernelpop to perform an automated compilation and exploitation of the identified exploit to get our root shell!
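The enumeration half of that workflow is the same check a defender runs for patch compliance: take the `uname -r` of each host and decide whether it sits below the upstream release that fixed CVE-2016-5195. The script below is an added example written for this post and is not kernelpop's own code; it only classifies versions and runs no exploit. The fix releases in `FIXED_IN_SERIES` (4.8.3, 4.7.9, 4.4.26, and everything from 4.9 onward) are assumed from the upstream stable announcements and should be confirmed against your distribution's advisory. The important caveat it encodes is that distribution kernels keep their base version while backporting fixes, so a string like `4.4.0-45-generic` cannot be judged from the number alone and is flagged for a vendor-changelog check instead. The inventory lines are constructed sample data.

```python
import re

# Upstream stable releases that shipped the CVE-2016-5195 (Dirty COW) fix.
# Assumption: recalled from the upstream stable announcements; verify against
# your distribution's advisory before relying on these numbers.
FIXED_IN_SERIES = {
    (4, 8): (4, 8, 3),
    (4, 7): (4, 7, 9),
    (4, 4): (4, 4, 26),
}
MAINLINE_FIXED = (4, 9, 0)   # every mainline release from 4.9 on carries the fix
FIRST_AFFECTED = (2, 6, 22)  # the race was introduced in 2.6.22

_VERSION_RE = re.compile(r"^(\d+)\.(\d+)(?:\.(\d+))?(.*)$")


def parse_uname(uname_r):
    """Split a `uname -r` string into (major, minor, patch) plus a flag that is
    True when the string carries a distribution suffix (e.g. '-45-generic' or
    '.el7.x86_64'); such kernels may have the fix backported regardless of the
    base version, so the number alone proves nothing."""
    m = _VERSION_RE.match(uname_r.strip())
    if not m:
        raise ValueError(f"unrecognised kernel version: {uname_r!r}")
    version = (int(m.group(1)), int(m.group(2)), int(m.group(3) or 0))
    suffix = m.group(4)
    is_distro = bool(suffix) and not suffix.startswith("-rc")
    return version, is_distro


def classify(uname_r):
    """Return one of:
    'not_affected'        - older than the commit that introduced the bug
    'fixed_upstream'      - vanilla kernel at or past the upstream fix
    'vulnerable_upstream' - vanilla kernel in a series below its fix release
    'verify_distro'       - distro-built kernel, or a series with no upstream
                            fix in the table: check the vendor changelog instead
    """
    version, is_distro = parse_uname(uname_r)
    if version < FIRST_AFFECTED:
        return "not_affected"
    if version >= MAINLINE_FIXED:
        return "fixed_upstream"
    if is_distro:
        return "verify_distro"
    fixed = FIXED_IN_SERIES.get(version[:2])
    if fixed is None:
        return "verify_distro"
    return "fixed_upstream" if version >= fixed else "vulnerable_upstream"


def triage_inventory(lines):
    """Classify 'hostname<TAB>uname -r' inventory lines; returns {host: status}."""
    result = {}
    for line in lines:
        host, _, uname_r = line.partition("\t")
        result[host] = classify(uname_r)
    return result


# Constructed sample inventory (hypothetical hosts, not real systems).
SAMPLE_INVENTORY = [
    "build01\t4.8.2",
    "build02\t4.8.3",
    "web01\t4.4.0-45-generic",
    "db01\t3.10.0-514.el7.x86_64",
    "legacy\t2.6.18",
]

if __name__ == "__main__":
    for host, status in triage_inventory(SAMPLE_INVENTORY).items():
        print(f"{host:10s} {status}")
```

Anything that comes back `verify_distro` needs a second source of truth, such as the package changelog or the vendor's security tracker, before it is marked either way; the version string is only conclusive for vanilla kernels.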

Exploit mode can also be performed without enumeration if you’d like to just blind-fire exploits off at the target. This could be useful in situations where you are sure that a kernel is vulnerable to a particular exploit, but for some reason or another kernelpop doesn’t identify it as a workable option.

As the project progresses, I will continue to add more exploits to the framework along with streamlined usability and functionality. If you have any feedback, let me know at coastalsec@protonmail.com or open an issue / comment on the project on GitHub. Thanks for reading and I hope you find the project useful!

-coastal