[mdlug] Linux root exploit

Aaron Kulkis akulkis3 at hotpop.com
Mon Feb 11 11:21:54 EST 2008 

Clinton V. Weiss wrote:
> On Sun, Feb 10, 2008 at 9:56 PM, Michael Corral <micorral at comcast.net>
> wrote:
> 
>> 2008-02-10, Monsieur Clinton V. Weiss a ecrit:
>>> I fully agree that this vulnerability is a big deal.  But the exploiter
>> has
>>> to do a couple of things first:
>>>
>>> 1) Circumvent physical security measures and have local access to your
>>> machine, and be able to log in to the machine.
>>> 2) Circumvent network security measures and be able to log into your
>> machine
>>> remotely.
>>>
>>> If #1 or #2 happens, then with or without this exploit you've got
>> problems.
>>
>> This is a *local* root exploit. I take it you didn't actually read the
>> link I gave. ;)
>>
>> There *are* legitimate multi-user Linux machines out there, by the way.
>>
>> Michael
>> _______________________________________________
>> mdlug mailing list
>> mdlug at mdlug.org
>> http://mdlug.org/mailman/listinfo/mdlug
>>
> 
> 
> You gave a slashdot link, where RTFA isn't required!  :)
> 
> I've tried two different systems using the instructions provided in another
> message:  my Gentoo desktop and my Debian VPS server.  Slashdot's link to
> proof of concept code won't compile on either system, and the concept code
> provided in another message compiles on my Debian VPS but doesn't work.
> Kind of a bummer I guess, I still haven't gotten my hands on a working Linux
> exploit so that I can fully understand and learn how it works.
> 
> I used to do that with boot and .exe viruses back in the day.   Figuring out
> the assembly was a challenge yet fun.

Do a google search for Morris worm.
Not linux precisely... it attacked SunOS and 4.3BSD.

Of course, to understand it, you'll first have to
learn about the VAX-11 and 680x0 cpus
[Yes, the Morris worm attacked two totally different
hardware architectures!]

The first successful dissection was by George Goble
at Purdue ECN.  He might even have a hard-copy of
the paper still laying around. [Somewhere, in a box,I
have a copy of his paper on the first dual CPU Unix].

> 
> Clinton
> 
>

More information about the mdlug mailing list