Comments

Post a comment

Quizá pueda ser contraproducente, pero así también ayudamos un poco a que la gente se de prisa en actualizar :)

Podeis probar si vuestro sistema es vulnerable con este pequeño código en c:
www.gra2.com/isec-ptrace-kmod-exploit.c

Si teneis el kernel parcheado, os saldrá algo como:

newton:~>./ptrace-exploit
[-] Unable to attach: Operation not permitted
Killed

En cambio, si teneis el kernel sin parchear (esto me decía a mí en un 2.2.19 antes de parchearlo) os saldrá esto otro :

pascal:~>./ptrace-exploit
[+] Attached to 19833
[+] Signal caught
[+] Shellcode placed at 0x4000da2d
[+] Now wait for suid shell...
sh-2.05a# exit

Como veis, abre una shell con permisos de root.

daniel on Friday, March 21 2003 @ 05:18 PM CET Reply | #

Search



About

newton.gra2.com is a blog about technology, opinion and random thoughts written by Daniel Alvarez, a computer engineer currently living in Zurich, Switzerland.

Topics

User Functions

:

:


Lost your password?

Latest posts

Stories last 24 hours

No new stories

Comments last 2 days

No new comments

Trackbacks last 2 days

No new trackback comments

Links last 2 weeks

No recent new links