повышение прав [задай вопрос - получи ответ]

Discussion in 'Уязвимости' started by Konqi, 15 Oct 2010.

Thread Status:
Not open for further replies.
  1. Freedom

    Freedom Elder - Старейшина

    Joined:
    2 Jul 2007
    Messages:
    38
    Likes Received:
    92
    Reputations:
    8
    ребят помогите с вот этим.

    Linux 2.6.18-194.17.1.el5 #1 SMP Wed Sep 29 12:50:31 EDT 2010 x86_64
     
  2. vasykas

    vasykas Banned

    Joined:
    7 Mar 2011
    Messages:
    963
    Likes Received:
    137
    Reputations:
    37
    http://forum.antichat.ru/threadnav235697-20-10.html
     
  3. tmp

    tmp Banned

    Joined:
    10 Mar 2005
    Messages:
    417
    Likes Received:
    32
    Reputations:
    1
    Хелп плизззз)))
    FreeBSD 6.2-RELEASE-p12 #2: Fri Oct 2 17:30:55 EDT 2009

    http://packetstormsecurity.org/files/view/99146/freebsd64netgraph-escalate.txt
    http://www.exploit-db.com/exploits/9488/

    не катят. выдает:
    Segmentation fault (core dumped)
     
  4. Freedom

    Freedom Elder - Старейшина

    Joined:
    2 Jul 2007
    Messages:
    38
    Likes Received:
    92
    Reputations:
    8

    не помог к сожалению (


    ОППа. а его компилить на том же ядре надо ?.
    на шелле к gcc доступа нет. компилил на своей машине.
     
    #204 Freedom, 20 Mar 2011
    Last edited: 20 Mar 2011
  5. vasykas

    vasykas Banned

    Joined:
    7 Mar 2011
    Messages:
    963
    Likes Received:
    137
    Reputations:
    37
    Если на своей скомпилил то я думаю все ок.
     
  6. cat1vo

    cat1vo Level 8

    Joined:
    12 Aug 2009
    Messages:
    375
    Likes Received:
    343
    Reputations:
    99
    FreeBSD c9-w.ht-systems.ru 8.2-STABLE FreeBSD 8.2-STABLE #18: Tue Mar 15 17:42:34 MSK 2011 [email protected]:/u что можете посоветовать ?
     
  7. Konqi

    Konqi Green member

    Joined:
    24 Jun 2009
    Messages:
    2,251
    Likes Received:
    1,149
    Reputations:
    886
    у кого нить есть новый сплоент для 2.6.18-128 ?

    ядро не новое но sendpage не прокануло

    2.6.18-128.1.6.el5PAE #1 SMP Wed Apr 1 10:02:22 EDT 2009 i686
     
    _________________________
  8. vasykas

    vasykas Banned

    Joined:
    7 Mar 2011
    Messages:
    963
    Likes Received:
    137
    Reputations:
    37
    http://www.ksplice.com/uptrack/cve-2010-3081
    ссылка на описание бага.

    http://filebeam.com/6b62b61bbe49fa9dee1d96f96e4cb71b
    ссылка на сплоит.
    А в самом коде сплоита вроде надо закоментироваать строки на не нужную ветку.
     
    1 person likes this.
  9. Agnesti

    Agnesti New Member

    Joined:
    11 Feb 2011
    Messages:
    0
    Likes Received:
    2
    Reputations:
    0
    FreeBSD *** 8.1-RELEASE FreeBSD 8.1-RELEASE #0: Sun Jul 25 23:33:02 UTC 2010
    Linux *** 2.6.30.9-102.fc11.i686.PAE #1 SMP Fri Dec 4 00:19:26 EST 2009 i686
    Linux *** 2.6.32-gentoo-r7 #1 SMP Mon May 24 11:31:27 MSD 2010 x86_64
    Linux *** 2.6.18-028stab070.7 #1 SMP Fri Oct 1 13:53:00 MSD 2010 i686
    Linux *** 2.6.18-194.26.1.el5.028stab079.2 #1 SMP Fri Dec 17 19:25:15 MSK 2010 i686

    Возьмется кто рутнуть? Достойная оплата. в пм
     
  10. Konqi

    Konqi Green member

    Joined:
    24 Jun 2009
    Messages:
    2,251
    Likes Received:
    1,149
    Reputations:
    886
    неа..

    $$$ Kernel release: 2.6.18-128.1.6.el5PAE
    $$$ Backdoor in LSM (1/3): checking...not present.
    $$$ Backdoor in timer_list_fops (2/3): not available.
    $$$ Backdoor in IDT (3/3): checking...not present.

    Your system is free from the backdoors that would be left in memory
    by the published exploit for CVE-2010-3081. :)
     
    _________________________
    1 person likes this.
  11. N@b$ter

    N@b$ter Elder - Старейшина

    Joined:
    6 Oct 2009
    Messages:
    293
    Likes Received:
    73
    Reputations:
    21
    Darwin 10.7.0 Darwin Kernel Version 10.7.0
    На это вообще что нить есть?
     
  12. vasykas

    vasykas Banned

    Joined:
    7 Mar 2011
    Messages:
    963
    Likes Received:
    137
    Reputations:
    37
    Вот какой то еще нащел (бинарник)
    http://filebeam.com/9393a4991ede9060280a869a3713ba3d
     
  13. Konqi

    Konqi Green member

    Joined:
    24 Jun 2009
    Messages:
    2,251
    Likes Received:
    1,149
    Reputations:
    886
    Code:
    y0u fuq1ng f41l. g3t th3 fuq 0ut!
    ))
     
    _________________________
  14. vasykas

    vasykas Banned

    Joined:
    7 Mar 2011
    Messages:
    963
    Likes Received:
    137
    Reputations:
    37
    Есть шелл (Smart.Shell 1.0) на неком windows server
    права на чтение системных файлов есть
    как я могу повысить свои права?
    Пытался закинуть радмина но в php.ini мах размер файла 2М а
    у меня 5м радмин.
    подскажите пож.
     
  15. Фараон

    Фараон коКотэ Of Antichat

    Joined:
    7 Nov 2010
    Messages:
    153
    Likes Received:
    105
    Reputations:
    83
    Linux 2.6.9-89.0.18.ELsmp #1 SMP Tue Dec 15 14:25:00 EST 2009 i686
    Есть что?
     
    1 person likes this.
  16. FlaktW

    FlaktW Elder - Старейшина

    Joined:
    19 Aug 2009
    Messages:
    500
    Likes Received:
    33
    Reputations:
    12
    Linux 2.6.18-194.32.1.el5 #1 SMP Wed Jan 5 17:52:25 EST 2011 x86_64
     
  17. Konqi

    Konqi Green member

    Joined:
    24 Jun 2009
    Messages:
    2,251
    Likes Received:
    1,149
    Reputations:
    886
    у кого нить есть скомпилированный сплоит для 2.6.18-194.17.1.el5 ?
     
    _________________________
  18. vasykas

    vasykas Banned

    Joined:
    7 Mar 2011
    Messages:
    963
    Likes Received:
    137
    Reputations:
    37
    попробуй этот,может че в коде поправить надо:
    http://filebeam.com/da60bc111fd179a71022c9e68d496245
     
  19. FlaktW

    FlaktW Elder - Старейшина

    Joined:
    19 Aug 2009
    Messages:
    500
    Likes Received:
    33
    Reputations:
    12
    Linux 2.6.18-194.11.3.el5PAE #1 SMP Mon Aug 30 17:02:48 EDT 2010 i686
     
  20. scr1m77

    scr1m77 Member

    Joined:
    29 Dec 2010
    Messages:
    2
    Likes Received:
    6
    Reputations:
    2
    сплойты из enlightenment, не взяли.
     
Thread Status:
Not open for further replies.