# 3. Kernel Exploits

### Introduction

The kernel has complete control over the operating system. Exploiting a kernel vulnerability can result in execution as the root user.

Kernel exploits can leave the system in an **unstable state**, which is why you should only run them as a last resort.

***

### Finding Kernel Exploits

1. Enumerate kernel version (`uname -a`).
2. Find matching exploits (Google, ExploitDB, GitHub).
   * Use searchsploit to find matching exploits:
     * ```bash
       # searchsploit linux kernel 2.6.32 priv esc
       ```
   * Alternatively, Run the [Linux Exploit Suggester 2](https://github.com/jondonas/linux-exploit-suggester-2) tool to identify potential kernel exploits on the current system
3. Compile and run.

***