CTurt

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <stdint.h>
#include <inttypes.h>

typedef unsigned char u8;
typedef unsigned short u16;
typedef unsigned int u32;

CTurt

/*
	Abusing C preprocessor to allow you declare enumerator values for each item of an array, inline of the array definition - so that you don't have to repeat list twice like this:
	
	enum {
		ITEM_ONE,
		ITEM_TWO,
		...
	};
	
	struct type array[] = {

CTurt

#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>

void server(void) {
	int s = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);

CTurt

/*
	
	PoC for kernel stack overflow in sysctl handler for kern.binmisc.add:
	https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=206761#c0
	
	su
	kldload imgact_binmisc
	./x
	
	- CTurt

CTurt

/*
	PoC for FreeBSD kernel integer overflow in nfssvc system call
	Refer to bug report here: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=206626
	
	System call only accessible as root.
	
	Running this test will panic affected versions of FreeBSD.
	
	clang nfssvc.c -o n
	su

CTurt

/*
	FreeBSD kernel vulnerability PoC for:
	https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=206585#c2
	
	Needs to be run as root.
	
	If hptmv kernel module not loaded:
		kldload hptmv
		
	Using:

CTurt

  [+] Entered shellcode
  [+] UID: 0, GID: 0
[DIR]: .
[DIR]: ..
[DIR]: adm
[DIR]: app_tmp
[DIR]: data
[DIR]: dev
[DIR]: eap_user
[DIR]: eap_vsh

CTurt

// Bitmask calculator

#include <stdio.h>

int n = 0x33;

int main(void) {
    int i;
    for(i = 0; i < 20; i++) {
        if(n & (1 << i)) printf("%d | ", 1 << i);

CTurt

#include <stdio.h>

#include "preoop.h"
#include "exception.h"

#define objects(a, b) objectList(a,\
	objectEntry(fileReader, b)\
)

object(fileReader,