[Security] B - achieving root permisions from normal user account
zoli@polarhome.com
zoli@polarhome.com
Thu, 20 Sep 2001 16:08:52 +0200
hi,
I checked it and it does not like to work...
BUT if you read carefuly the instrucyions tr sais:
* This exploit does not work on 2.4.x because kernel won't set suid
* privileges if user ptraces a binary.
and if you check:
root@gate~# uname -nrs
Linux gate.polarhome.com 2.4.3-12
It will eexplain...
This kernel is not bug free at all, but that one is not the right exploit.
Regards, Z
>ozzy@gate~/hack$ ./epcs2
>bug exploited successfully.
>enjoy!
>sh-2.04$ exit
>ozzy@gate~/hack$ ./epcs2
>ptrace: PTRACE_ATTACH: Operation not permitted
>d0h! error!
>ozzy@gate~/hack$ date
>Thu Sep 20 03:20:32 CEST 2001
>The source of the local exploit is /home/o/ozzy/hack/epcs2.c
>Works the first time only after system reboot.
>Actually it is for slackware but obviously works on RedHat 7.1.
>^_^
>Best wishes!
> Ventsislav Nikolov
>_______________________________________________
>Security mailing list
>Security@polarhome.com
>http://www.polarhome.com/mailman/listinfo/security