Penetration Testing mailing list archives
Re: [PEN-TEST] Linux
From: Michel Kaempf <maxx () VIA ECP FR>
Date: Wed, 8 Nov 2000 15:52:17 +0100
On Wed, Nov 08, 2000, Miller, William T DISC4/Sytex wrote:
I tried running the traceroute exploit against OpenLinux 2.4 and found that Open Linux will show a segmentation fault but will not give you root access.
The exploit has to be improved, but anyway, what you say here is interesting, let's investigate. I think you followed the few steps described in the advisory (section 5) in order to find out the special values for your own operating system, right? If you did not, could you please find out these values and retry? Now, you found the values for your operating system, but the exploit did not work. First of all, if you could send me your values, it would help figuring out why the exploit failed. And another important point : is your system protected with something like the nonexec stack patch, or StackGuard? I do not know much about OpenLinux, perhaps the default kernel is already patched? Your issue is very interesting, because I have to rewrite the whole exploit, first because it seems that the __free_hook pointer is not the same on two different computers running the same operating system (this point has to be enlightened), and second because the exploit is unable to handle nonexec stack patched systems. If you could keep me informed, it would be really nice. I am looking forward from reading you, -- Michel "MaXX" Kaempf
Current thread:
- [PEN-TEST] Linux Adassovsky Michel (Nov 08)
- Re: [PEN-TEST] Linux Michel Kaempf (Nov 08)
- <Possible follow-ups>
- Re: [PEN-TEST] Linux Dunker, Noah (Nov 08)
- Re: [PEN-TEST] Linux Riley Hassell (Nov 08)
- Re: [PEN-TEST] Linux Ben Ford (Nov 08)
- Re: [PEN-TEST] Linux Miller, William T DISC4/Sytex (Nov 09)
- Re: [PEN-TEST] Linux Michel Kaempf (Nov 09)
- Re: [PEN-TEST] Linux Adassovsky Michel (Nov 10)
- Re: [PEN-TEST] Linux El Nahual (Nov 11)
- Re: [PEN-TEST] Linux j a s o n (Nov 14)