Home
Showing posts with label rooting. Show all posts
Showing posts with label rooting. Show all posts

Sunday, January 29, 2012

ROOT Exploits - #Exploit & #Infosec Tweet of The Week

Posted by Shipcode at 29.1.12 Labels: , , , , , , , , , , ,

It's been a very busy day for me this week because of school works and assignments. But so much for that, topics related to root exploits are also the recent tweets for this week. Thanks to my feeds in twitter for the security news.

Last January 21, 2012, an exploit called Mempodipper / Linux Local Privilege Escalation via SUID /proc/pid/mem Write (CVE 2012-0056) was published by Jason A. Donenfeld a.k.a zx2c4. In other words, the exploit allows a normal user to gain root (super user) access to a box. The exploit affects Linux kernel versions 2.6.39 and above. Below is an image of a rooted Backbox Linux which has 3.0.0-14 as its kernel version.


So how can this exploit be a serious threat? It can be a very serious threat to hosting companies that offer shell access and shell accounts that offers free shell access, in fact nvita.org got owned with this kind of exploit. This kind of exploit can be used by users who have malicious intents on web servers.

To fix this exploit, update your system now. Thus, it is advisable to update your system regularly for bug updates. When I updated my Backbox Linux, the exploit no longer works. Thank God!

But wait there's more!

A few days after the Linux Local ROOT exploit (CVE 2012-0056) was published, Jay Freeman a.k.a saurik ported the exploit for Android 4.0 and based on what I know, Galaxy Nexus is using the Android 4.0 kernel. This exploit is known as Mempodroid which is termed after Mempodipper.



At least we are aware now.. Thank you saurik and zx2c4 ;)


About the Contributor:
Shipcode is a prolific blogger of ROOTCON and at the same time an InfoSec enthusiast from Cebu. He was inspired to join ROOTCON as part of the core team to share his knowledge in information security.  He encourages other like minded individuals to come forward and share their knowledge through blogging right here at ROOTCON Blog section.

ROOTCON is managed by like minded InfoSec professionals across the Philippines.  All rights reserved. Designated trademarks, brands and articles are the property of their respective owners.

Read More

Wednesday, July 27, 2011

Linux 3.0 Kernel Released! Linux 3.0.c Kernel Exploit also Released!

Posted by Shipcode at 27.7.11 Labels: , , , , , , , , ,

It was in the evening of July 22, 2011 when Linus Torvalds posted on Google+ about the new 3.0 kernel version which marked the end of 2.6.x series of kernel versions. After which, the initial plans of 3.1 were then a big issue to his followers because its exploit was released a few days after it was announced officially.



A guy named Dan Rosenberg compiled a C code entitled the “DEC Alpha Linux 3.0 local root exploit” which points out the vulnerability of the new 3.0 kernel version. Then also, a guy named Cross from ROOTWORM also published his Perl script entitled “2011 Linux Auto Rooter Beta 1.0” which includes the kernel versions 2.6.18 series to 3.0 kernel version exploits. The Perl script of Cross was also posted in most of the underground websites.

For those of you who are not familiar of a kernel exploit, a kernel exploit is written in C and its objective is to root a Linux box. With this exploit, a normal user of a certain machine can become a super user of a certain box which gives him more privileges like installing more repositories, installing other softwares, hosting malicious codes, hosting an ssh scanner, etc. Thus it’s a big, big trouble.

As of now, The Linux team is still fixing some of the current kernel’s bugs and issues. We hope to see the release of the 3.1 kernel version soon.



About the Contributor:

Shipcode is an InfoSec enthusiast from Cebu. During his high school days he was just an ordinary script kiddie. He loves to search for web exploits and other issues concerning network / wireless security.


ROOTCON is managed by like minded InfoSec professionals across the Philippines. All rights reserved.Designated trademarks, brands and articles are the property of their respective owners.

Read More
Subscribe to: Posts (Atom)
Subscribe to: Posts (Atom)