Gentoo Forums
Compiling Ksplice's CVE-2010-3081 high-profile exploit test
Shining Arcanine
Veteran


Joined: 24 Sep 2009
Posts: 1110

Posted: Wed Sep 22, 2010 3:47 am    Post subject: Compiling Ksplice's CVE-2010-3081 high-profile exploit test

https://www.ksplice.com/uptrack/cve-2010-3081.ssi.xhtml

Has anyone been able to compile Ksplice's CVE-2010-3081 high-profile exploit test? While the binary runs on my system, I have not been able to successfully compile it from source. I am doing gcc diagnose-2010-3081.c && ./a.out. I know that the binary works, but as a computer science student, I am wondering what I am doing wrong.
cach0rr0
Bodhisattva


Joined: 13 Nov 2008
Posts: 4123
Location: Houston, Republic of Texas

Posted: Wed Sep 22, 2010 6:58 am

just built it without issue

Code:


# gcc-config -l
 [1] x86_64-pc-linux-gnu-4.3.4 *


gcc diagnose-2010-3081.c -o sploit

One thing I will say: I tried, from Windows, copying the file from Notepad++ on Win7, pasting into a text editor within PuTTY, and building, and because of the screwy line breaks it failed to build (http://paste.pocoo.org/show/265626/)

wget'ing the file directly, it built straight away
_________________
Lost configuring your system?
dump lspci -n here | see Pappy's guide | Link Stash
cach0rr0
Bodhisattva


Joined: 13 Nov 2008
Posts: 4123
Location: Houston, Republic of Texas

Posted: Wed Sep 22, 2010 7:02 am

interesting. running a fairly old hardened-sources build

Code:

 $ ./sploit
Diagnostic tool for public CVE-2010-3081 exploit -- Ksplice, Inc.
(see http://www.ksplice.com/uptrack/cve-2010-3081)

$$$ Kernel release: 2.6.29-hardened
!!! Could not find symbol: prepare_creds

A symbol required by the published exploit for CVE-2010-3081 is not
provided by your kernel.  The exploit would not work on your system.


gonna try it on the .32-hardened machine I have out of curiosity.

EDIT: here we go

Code:

Sep 22 02:07:11 ricker kernel: [   88.976865] grsec: From 75.148.243.90: denied untrusted exec of /home/meat/diagnose by /bin/bash[bash:3650] uid/euid:1000/1000 gid/egid:1005/1005, parent /bin/bash[bash:3646] uid/euid:1000/1000 gid/egid:1005/1005


running it I just get "Permission Denied"

reckon it has to do with:

Code:

 CONFIG_GRKERNSEC_TPE_ALL:
  │
  │ If you say Y here, All non-root users other than the ones in the
  │ group specified in the main TPE option will only be allowed to
  │ execute files in directories they own that are not group or
  │ world-writable, or in directories owned by root and writable only by
  │ root.  If the sysctl option is enabled, a sysctl option with name
  │ "tpe_restrict_all" is created.

_________________
Lost configuring your system?
dump lspci -n here | see Pappy's guide | Link Stash
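The rule in the CONFIG_GRKERNSEC_TPE_ALL help text quoted in the post above, written out as a user-space C model. This is an added example, not part of the original thread and not grsecurity's kernel code. The function names and the `in_tpe_group` flag (standing for membership of "the group specified in the main TPE option") are assumptions made for illustration, and only the containing directory's owner and mode are examined.

```c
/* Added example: models the TPE_ALL help text only, not the kernel's logic. */
#include <libgen.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Pure rule: may `uid` execute a file in a directory with this owner/mode?
 * in_tpe_group (assumed flag) = member of the group named in the main TPE option. */
int tpe_all_allows(uid_t uid, int in_tpe_group, uid_t dir_owner, mode_t dir_mode)
{
    if (uid == 0 || in_tpe_group)
        return 1;                   /* the rule restricts only other non-root users */
    if (dir_mode & (S_IWGRP | S_IWOTH))
        return 0;                   /* group- or world-writable directory */
    return dir_owner == uid || dir_owner == 0;
}

/* Apply the rule to the directory containing `path`.
 * Returns 1 = allowed, 0 = denied, -1 = directory could not be examined. */
int tpe_all_check_path(const char *path, uid_t uid, int in_tpe_group)
{
    char buf[4096];
    struct stat st;

    if (strlen(path) >= sizeof(buf))
        return -1;
    strcpy(buf, path);              /* dirname() may modify its argument */
    if (stat(dirname(buf), &st) != 0)
        return -1;
    return tpe_all_allows(uid, in_tpe_group, st.st_uid, st.st_mode);
}

int main(int argc, char **argv)
{
    if (argc != 2) {
        fprintf(stderr, "usage: %s FILE\n", argv[0]);
        return 2;
    }
    int r = tpe_all_check_path(argv[1], getuid(), 0);
    printf("%s: %s\n", argv[1],
           r == 1 ? "allowed" : r == 0 ? "denied" : "cannot stat directory");
    return r == 1 ? 0 : 1;
}
```

Run against a binary's path as the user in question, it reports whether the directory alone would satisfy the quoted rule; the running kernel's actual decision also depends on its TPE group and sysctl settings.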
Anon-E-moose
Advocate


Joined: 23 May 2008
Posts: 3836
Location: Dallas area

Posted: Wed Sep 22, 2010 10:16 am

It compiled fine (gcc 4.4.4) for me, but I downloaded it rather than cut and paste
_________________
Asus m5a99fx, FX 8320 - nouveau, oss4, rx550 for qemu passthrough
Acer laptop E5-575, i3-7100u - i965, alsa
---both---
5.0.13 zen kernel, profile 17.0 (no-pie) amd64-no-multilib
gcc 8.2.0, eudev, openrc, openbox, palemoon
Gef
Apprentice


Joined: 17 May 2008
Posts: 180
Location: France

Posted: Wed Sep 22, 2010 12:15 pm

Interesting
Code:

~/tmp $ wget https://www.ksplice.com/support/diagnose-2010-3081.c -q
~/tmp $ gcc diagnose-2010-3081.c -o diagnose-2010-3081
~/tmp $ ./diagnose-2010-3081
Diagnostic tool for public CVE-2010-3081 exploit -- Ksplice, Inc.
(see http://www.ksplice.com/uptrack/cve-2010-3081)

$$$ Kernel release: 2.6.35-zen3-08267-gca1662d
!!! Could not find symbol: per_cpu__current_task

A symbol required by the published exploit for CVE-2010-3081 is not
provided by your kernel.  The exploit would not work on your system.

_________________
Laptop : Gentoo ~amd64
(remote) Server : Gentoo amd64
All times are GMT