lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <4c91a647.1021cc0a.0ec8.ffff8971@mx.google.com>
Date: Wed, 15 Sep 2010 22:08:23 -0700 (PDT)
From: ac1db1tch3z@...il.com
To: full-disclosure@...ts.grok.org.uk
Subject: Ac1db1tch3z vs x86_64 Linux Kernel

/*

Ac1dB1tch3z Vs Linux Kernel x86_64 0day

Today is a sad day..

R.I.P.
Tue, 29 Apr 2008  /  Tue, 7 Sep 2010

a bit of history:
MCAST_MSFILTER Compat mode bug found... upon commit! (2 year life on this one)

author    David L Stevens <dlstevens@...ibm.com>
    Tue, 29 Apr 2008 10:23:22 +0000 (03:23 -0700)
committer    David S. Miller <davem@...emloft.net>
    Tue, 29 Apr 2008 10:23:22 +0000 (03:23 -0700)
This patch adds support for getsockopt for MCAST_MSFILTER for
both IPv4 and IPv6. It depends on the previous setsockopt patch,
and uses the same method.

Signed-off-by: David L Stevens <dlstevens@...ibm.com>
Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@...ux-ipv6.org>
Signed-off-by: David S. Miller <davem@...emloft.net>
------------------------------------------------------------

Thanks you for signing-off on this one guys.

This exploit has been tested very thoroughly
over the course of the past few years on many many targets.

Thanks to redhat for being nice enough to backport it into early
kernel versions (anything from later August 2008+)

Ac1dB1tch3z would like to say FUCK YOU Ben Hawkes. You are a new hero! You saved the
plan8 man. Just a bit too l8.

PS:
OpenVZ Payload / GRsec bypass removed for kidiots and fame whores. (same thing right ;))

*/

Exploit attached. Another 0day bites the dust and goes into our public exploit pack :)
Ac1dB1tch3z brings you ABftw.c - Linux Kernel x86_64 local not0dayanymore exploit.



View attachment "ABftw.c" of type "text/x-c" (24351 bytes)


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ