Sunday, January 29, 2012
ROOT Exploits - #Exploit & #Infosec Tweet of The Week
Posted by
Shipcode
at
29.1.12
Labels:
android 4.0 exploit,
CVE-2012-0056,
Jason A. Donenfeld,
linux hacking,
linux local root exploit,
linux privilege escalation,
mempodipper,
mempodroid,
PoC,
root exploits,
rooting,
zx2c4
It's been a very busy day for me this week because of school works and assignments. But so much for that, topics related to root exploits are also the recent tweets for this week. Thanks to my feeds in twitter for the security news.
Last January 21, 2012, an exploit called Mempodipper / Linux Local Privilege Escalation via SUID /proc/pid/mem Write (CVE 2012-0056) was published by Jason A. Donenfeld a.k.a zx2c4. In other words, the exploit allows a normal user to gain root (super user) access to a box. The exploit affects Linux kernel versions 2.6.39 and above. Below is an image of a rooted Backbox Linux which has 3.0.0-14 as its kernel version.
So how can this exploit be a serious threat? It can be a very serious threat to hosting companies that offer shell access and shell accounts that offers free shell access, in fact nvita.org got owned with this kind of exploit. This kind of exploit can be used by users who have malicious intents on web servers.
To fix this exploit, update your system now. Thus, it is advisable to update your system regularly for bug updates. When I updated my Backbox Linux, the exploit no longer works. Thank God!
But wait there's more!
A few days after the Linux Local ROOT exploit (CVE 2012-0056) was published, Jay Freeman a.k.a saurik ported the exploit for Android 4.0 and based on what I know, Galaxy Nexus is using the Android 4.0 kernel. This exploit is known as Mempodroid which is termed after Mempodipper.
At least we are aware now.. Thank you saurik and zx2c4 ;)
About the Contributor:
Shipcode
is a prolific blogger of ROOTCON and at the same time an InfoSec
enthusiast from Cebu. He was inspired to join ROOTCON as part of the
core team to share his knowledge in information security. He encourages
other like minded individuals to come forward and share their knowledge
through blogging right here at ROOTCON Blog section.
ROOTCON is managed by like minded InfoSec professionals across the Philippines. All rights reserved. Designated trademarks, brands and articles are the property of their respective owners.