Critical Bug & Exploit Here!!

Questions about the project and the distribution - obviously no support questions here please
Post Reply
User avatar
Acid_1
Level 5
Level 5
Posts: 796
Joined: Thu Nov 01, 2007 11:12 pm
Location: Saskatchewan, Canada

Critical Bug & Exploit Here!!

Post by Acid_1 » Wed Aug 19, 2009 5:09 am

Here's an explanation of the bug:

http://blog.cr0.org/2009/08/linux-null- ... ue-to.html


Here's the code to use it:

http://grsecurity.net/%7Espender/wunderbar_emporium.tgz

Run the wunderbar_emporium.sh in a shell. If it starts doing some funky colors after a few seconds, it works. If not, then you're secure.


Want to get it to run anyways, just for fun? Drop to a root terminal, and then type:

Code: Select all

echo 0 > /proc/sys/vm/mmap_min_addr
Then run the compiled binary that occured from the shell script.

Code: Select all

./pwnkernel
It should drop you to a root shell.

To fix back to a secure system, go to the root terminal and type:

Code: Select all

echo 65536 > /proc/sys/vm/mmap_min_addr


I thought it was interesting. This affects all kernels for the last 8 years!

User avatar
DrHu
Level 17
Level 17
Posts: 7537
Joined: Wed Jun 17, 2009 8:20 pm

Re: Critical Bug & Exploit Here!!

Post by DrHu » Thu Aug 20, 2009 2:56 am


Husse
Level 23
Level 23
Posts: 18701
Joined: Sun Feb 11, 2007 7:22 am
Location: Near Borås Sweden

Re: Critical Bug & Exploit Here!!

Post by Husse » Fri Sep 04, 2009 6:17 am

To check if you are at risk

Code: Select all

cat /proc/sys/vm/mmap_min_addr
If it says 65536, you're safe. If it says 0, then you're vulnerable. To fix

Code: Select all

echo "65536" | sudo tee /proc/sys/vm/mmap_min_addr
Image
Don't fix it if it ain't broken, don't break it if you can't fix it

Post Reply

Return to “Non-technical Questions”