kernelpop is a framework for performing automated kernel vulnerability enumeration and exploitation on the following operating systems:

• Linux

• Mac

• Windows (coming soon)

Since it seems like this project is getting some clones / views, I should say this is a work in progress. I'm taking class and working fulltime so getting programming time is sporadic. That said, I am actively maintaining and adding features. Please let me know if you find any issues with the project.

Thanks!

python3

The default mode runs with the command python3 kernelpop.py. This processes information about the host kernel and compares it to the known kernel exploits available to the program. It then outputs a list of potentially useful vulnerabilities and attached exploits.

The exploit mode is run with the -e flag. This dynamically compiles and runs the exploit source code with stdio interactions inside the program! It can catch interrupts from short-stopped attempts as well

The brute-enumeration mode performs the same checks as the default mode, but then goes beyond and checks the computer for exploit prerequisites to see if the operating system is set up in the required vulnerable state for successful exploitation.

The input mode allows you to perform enumeration with just the output of a uname -a command, which makes it useful as a host-side only enumeration tool.

• CVE-2017-1000379

• CVE-2017-1000373

• CVE-2017-1000372

• CVE-2017-1000371

• CVE-2017-1000370

• CVE-2017-1000367

• CVE-2017-1000112

• CVE-2017-7308

• CVE-2017-6074

• CVE-2017-5123

• CVE-2016-5195

• CVE-2016-2384

• CVE-2016-0728

• CVE-2015-1328

• CVE-2014-4699

• CVE-2014-4014

• CVE-2014-3153

• CVE-2014-0196

• CVE-2009-1185

https://github.com/SecWiki/linux-kernel-exploits

http://exploit-db.com/

https://www.exploit-db.com/local/

https://github.com/SecWiki/windows-kernel-exploits

Debian

• debian releases