oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Re: Problems in automatic crash analysis frameworks

From: Tavis Ormandy <taviso () google com>
Date: Wed, 15 Apr 2015 12:55:53 -0700
On Wed, Apr 15, 2015 at 11:48 AM, Tavis Ormandy <taviso () google com> wrote:

FWIW, I verified this is exploitable.



Here's the script I used to verify, it should create the file
/etc/rootfiletest. By using the partial trick or creating parse
errors, this is easy to turn into a root shell.

Note: I'm a c programmer, I don't know python at all, it's probably
the worlds worst python code - I used python because I was reading the
python3-lxc code.

taviso@ubuntu:~/tmp$ ls -l /etc/rootfiletest
ls: cannot access /etc/rootfiletest: No such file or directory
taviso@ubuntu:~/tmp$ rm -rf /tmp/?0* /tmp/exploit/
taviso@ubuntu:~/tmp$ python3 test.py
taviso@ubuntu:~/tmp$ ls -l /etc/rootfiletest
-rw-rw---- 1 root root 0 Apr 15 12:53 /etc/rootfiletest

Tavis.

Attachment: exploit.py
Description:

Previous By Date Next
Previous By Thread Next

Current thread: