1 |
on hardened I got next |
2 |
|
3 |
----------------------------------- |
4 |
Linux vmsplice Local Root Exploit |
5 |
By qaaz |
6 |
----------------------------------- |
7 |
[+] mmap: 0x0 .. 0x1000 |
8 |
[+] page: 0x0 |
9 |
[+] page: 0x20 |
10 |
[+] mmap: 0x4000 .. 0x5000 |
11 |
[+] page: 0x4000 |
12 |
[+] page: 0x4020 |
13 |
[+] mmap: 0x1000 .. 0x2000 |
14 |
[+] page: 0x1000 |
15 |
[+] mmap: 0x51e7d000 .. 0x51eaf000 |
16 |
ïÛÉÂËÁ ÓÅÇÍÅÎÔÉÒÏ×ÁÎÉÑ - Segmentation Fault |
17 |
|
18 |
I think PaX prevent exploit)) |
19 |
|
20 |
áÌÅËÓÅÊ ìÅÓÏ×ÓËÉÊ ÐÉÛÅÔ: |
21 |
> Ok. I compiled this sources successful, and vhen I execute him I got next |
22 |
> |
23 |
> ----------------------------------- |
24 |
> Linux vmsplice Local Root Exploit |
25 |
> By qaaz |
26 |
> ----------------------------------- |
27 |
> [-] !@#$ |
28 |
> |
29 |
> and what is it? :-) executed on gentoo-sources kernel, not hardened |
30 |
> |
31 |
> Natanael Copa ÐÉÛÅÔ: |
32 |
>> On Tue, 2008-02-12 at 10:02 +0500, áÌÅËÓÅÊ ìÅÓÏ×ÓËÉÊ wrote: |
33 |
>> |
34 |
>>> Anyone, can send me compiled exploit? i tests my hardened hosts |
35 |
>>> my gcc cannot compile sources |
36 |
>>> |
37 |
>> |
38 |
>> Attatched is a slightly modified version of the exploit that should |
39 |
>> compile for you. (uses sysconf(_SC_PAGE_SIZE) rather than PAGE_SIZE from |
40 |
>> asm/page.h) |
41 |
>> |
42 |
>> -nc |
43 |
>> |
44 |
> |
45 |
|
46 |
-- |
47 |
gentoo-hardened@l.g.o mailing list |