[PCBSD-malaysia] local r00t exploit

Harisfazillah Jamel linuxmalaysia at gmail.com
Wed Dec 2 00:55:45 PST 2009


Ya betul :) Apache id kalau dah masuk, masukkan shell dan .... Reset
password root dan SSH masuk.

2009/12/2 Yusof Khalid - FreeBSD / OpenBSD <fryshadow at gmail.com>:
> kalau web application tu vulnerable and boleh lepas masuk ke server mungkin
> parah juga :)
>
> On Wed, Dec 2, 2009 at 3:07 PM, Harisfazillah Jamel
> <linuxmalaysia at gmail.com> wrote:
>>
>> Sebab itu penting kita pastikan.
>>
>> 1) password pengguna mesti kuat supaya lambat untuk kena break dan
>> sempatlah kita untuk patch.
>> 2) System  akaun atau application akaun shell gunakan /dev/null atau
>> /bin/nologin
>> 3) Akaun tak guna (dormant) kita buang.
>> 4) Nama users kenalah yang pelik-pelik janganlah john mary superman :)
>>
>> Bug pasti akan ada. Yang penting cepat atau lambat kita patch. :)
>>
>> On Wed, Dec 2, 2009 at 2:05 PM, Yusof Khalid - FreeBSD / OpenBSD
>> <fryshadow at gmail.com> wrote:
>> > $ id
>> > uid=1002(test) gid=1002(test) groups=1002(test)
>> > $ sh exploit.sh
>> > env env.c exploit.sh program.c program.o w00t.so.1.0 FreeBSD local r00t
>> > zeroday
>> > by Kingcope
>> > November 2009
>> > env.c: In function 'main':
>> > env.c:5: warning: incompatible implicit declaration of built-in function
>> > 'malloc'
>> > env.c:9: warning: incompatible implicit declaration of built-in function
>> > 'strcpy'
>> > env.c:11: warning: incompatible implicit declaration of built-in
>> > function
>> > 'execl'
>> > cp: /tmp/w00t.so.1.0: Permission denied
>> > /libexec/ld-elf.so.1: environment corrupt; missing value for
>> > /libexec/ld-elf.so.1: environment corrupt; missing value for
>> > /libexec/ld-elf.so.1: environment corrupt; missing value for
>> > /libexec/ld-elf.so.1: environment corrupt; missing value for
>> > /libexec/ld-elf.so.1: environment corrupt; missing value for
>> > ALEX-ALEX
>> > # id
>> > uid=1002(test) gid=1002(test) euid=0(root) groups=1002(test)
>> > # uname -a
>> > FreeBSD proxy.opigateway-local.net 7.2-RELEASE FreeBSD 7.2-RELEASE #0:
>> > Fri
>> > May  1 08:49:13 UTC 2009
>> > root at walker.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC  i386
>> >
>> > source : http://seclists.org/fulldisclosure/2009/Nov/371
>> >
>> > dengar 8.0-Release pn kena juga, sape2 leh test dialu2kan :)
>> > --
>> > _________________________
>> > http://blog.myinfinityx.com
>> > _________________________
>> >
>> > _______________________________________________
>> > PCBSD-malaysia mailing list
>> > PCBSD-malaysia at lists.pcbsd.org
>> > http://lists.pcbsd.org/mailman/listinfo/pcbsd-malaysia
>> >
>> >
>>
>>
>>
>> --
>> My Facebook
>> http://www.facebook.com/linuxmalaysia
>>
>> My Blog
>> http://blog.harisfazillah.info/
>>
>> My Network
>> http://linuxdotmy.multiply.com/
>> _______________________________________________
>> PCBSD-malaysia mailing list
>> PCBSD-malaysia at lists.pcbsd.org
>> http://lists.pcbsd.org/mailman/listinfo/pcbsd-malaysia
>
>
>
> --
> _________________________
> http://blog.myinfinityx.com
> _________________________
>
> _______________________________________________
> PCBSD-malaysia mailing list
> PCBSD-malaysia at lists.pcbsd.org
> http://lists.pcbsd.org/mailman/listinfo/pcbsd-malaysia
>
>



-- 
My Facebook
http://www.facebook.com/linuxmalaysia

My Blog
http://blog.harisfazillah.info/

My Network
http://linuxdotmy.multiply.com/


More information about the PCBSD-malaysia mailing list