[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] RHEL Linux Kernel Exploit

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: [Full-disclosure] RHEL Linux Kernel Exploit
From: musnt live <musntlive@xxxxxxxxx>
Date: Wed, 15 Dec 2010 12:25:26 -0500

On 12/13/2010 4:27 PM, Ryan Sears wrote:
> Hey Dan,
>
> Freaking THANK YOU first and foremost. I've been waiting for someone to say 
> that for days now, and was just about to myself.

<is snip>

> Plain and simple. *THEN* there's people who don't even bother to read that 
> "Red Hat does not support Econet by default". DOES NOT. As in the exploit 
> WON'T WORK!

[musntlive@pizda ~]# awk '/rel/' /etc/issue
Scientific Linux SL release 5.5 (Boron)
[musntlive@pizda ~]# uname -a
Linux allotropos 2.6.18-194.3.1.el5 #1 SMP Fri May 7 01:52:57 EDT 2010
i686 athlon i386 GNU/Linux
[musntlive@pizda ~]# md5sum fullnullson.c
b16e2a647bc8de1f72f25ab29aa916da  fullnullson.c
[musntlive@pizda ~]# gcc -o hakaruski fullnullson.c && ./hakaruski
[*] Failed to open file descriptors.
[musntlive@pizda ~]# id
uid=0(root) gid=0(root)
groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel),1337(hakaruskis)
[musntlive@pizda ~]# whoami
musntlive

Is this exploit work and is my Linux is RedHat based. Thank you Dan
and Ryan Seacrest!

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] RHEL Linux Kernel Exploit
  - From: Valdis . Kletnieks

Prev by Date: [Full-disclosure] Google Urchin LFI 0day exploit code
Next by Date: [Full-disclosure] Updated online binary planting exposure test continues operation
Previous by thread: [Full-disclosure] Google Urchin LFI 0day exploit code
Next by thread: Re: [Full-disclosure] RHEL Linux Kernel Exploit
Index(es):
- Date
- Thread