1 |
Sune Kloppenborg Jeppesen wrote: |
2 |
> [22:25:52] <@plasmaroo> jaervosz: What file is it getting run on? I believe it |
3 |
> has to be a /proc. |
4 |
> [22:27:40] <@jaervosz> plasmaroo: seems like it should be proc, will you give |
5 |
> a short answer? |
6 |
Well, I didn't try that. Now it's too late, r12 already running. |
7 |
|
8 |
> [22:27:41] <@plasmaroo> printf("\n[+] SUCCESS, lseek fails, reading kernel |
9 |
> mem...\n"); << That should get run on a vulnerable kernel! |
10 |
I thought so. But since I didn't try something in /proc, this never |
11 |
appeared. |
12 |
|
13 |
Now I've tried something like this: |
14 |
$ proc_kmem_dump /proc/mtrr |
15 |
mmap: No such device |
16 |
|
17 |
and |
18 |
|
19 |
$ proc_kmem_dump /proc/kcore |
20 |
open file: Permission denied |
21 |
|
22 |
Either I'm still making mistakes or it really doesn't work anymore, |
23 |
which should be the case anyway. |
24 |
|
25 |
@ Marc Ballarin: |
26 |
I adjusted MEMSIZE to 512 and after running proc_mem_dump on a large |
27 |
file the first three lines of kmem.dat are indeed the content of |
28 |
/proc/mtrr. The rest of the file is filled with zeros. |
29 |
|
30 |
Thanks to all answers! |
31 |
|
32 |
Regards, Frank. |
33 |
|
34 |
-- |
35 |
gentoo-security@g.o mailing list |