-
Notifications
You must be signed in to change notification settings - Fork 2
/
apps-candidates.expected.out
30 lines (26 loc) · 2.17 KB
/
apps-candidates.expected.out
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
=======================================================================
Candidate exploit tables:
Vulnerable gadgets found per syscall and argument type:
Syscalls | Total covered |Total found where this arg has a dataflow from attacker data (% that are identity dataflows, if any)
execve | 12 | 7 (86%) | 8 (88%) | 8 (75%) | | |
mmap | 1935 | 57 (5%) | 1391 (4%) | 57 (37%) | 41 (100%) | 17 (94%) | 79 (3%)
mprotect | 118 | 56 (43%) | 57 (32%) | 1 | | |
mremap | 12 | 12 (8%) | 6 | 11 | - | - |
pwrite64 | 1267 | 1216 (4%) | 744 (45%) | 399 (5%) | 510 (31%) | |
pwritev | 10 | 10 (100%) | 10 | - | 10 (20%) | |
sendfile | 1 | - | - | 1 | 1 | |
sendmmsg | 2 | 2 | 2 | - | - | |
sendmsg | 13 | 5 (100%) | 4 (75%) | - | | |
sendto | 435 | 388 (6%) | 411 (24%) | 409 (8%) | - | - | -
write | 3785 | 885 (75%) | 3520 (90%) | 1268 (9%) | | |
writev | 791 | 231 (21%) | 779 (75%) | - | | |
* Syscalls not covered: execveat pwritev2 remap_file_pages
Vulnerable gadgets found per target application:
- apache: 3395 gadgets (70% with an iflow)
- lighttpd: 96 gadgets (94% with an iflow)
- memcached: 14 gadgets (79% with an iflow)
- nginx: 1581 gadgets (81% with an iflow)
- postgres: 2091 gadgets (26% with an iflow)
- redis: 274 gadgets (77% with an iflow)
* TOTAL: 7451 gadgets (60% with an iflow)
=======================================================================