Ali ja imam mttr u kernelu a exploit ne radi...
Code:
filip@sun:~/bla$ ./exploit backup20031102.zip
mmaped uncached file at 0x4015f000 - 0x4017c0000 mmaped kernel data file at 0x4017d0000 Race won!READ 208 bytes in 23784 usec
filip@sun:~/bla$ hexdump -C kmem.dat
00000000 72 65 67 30 30 3a 20 62 61 73 65 3d 30 78 30 30 |reg00: base=0x00|
00000010 30 30 30 30 30 30 20 28 20 20 20 30 4d 42 29 2c |000000 ( 0MB),|
00000020 20 73 69 7a 65 3d 20 32 35 36 4d 42 3a 20 77 72 | size= 256MB: wr|
00000030 69 74 65 2d 62 61 63 6b 2c 20 63 6f 75 6e 74 3d |ite-back, count=|
00000040 31 0a 72 65 67 30 31 3a 20 62 61 73 65 3d 30 78 |1.reg01: base=0x|
00000050 64 30 30 30 30 30 30 30 20 28 33 33 32 38 4d 42 |d0000000 (3328MB|
00000060 29 2c 20 73 69 7a 65 3d 20 31 32 38 4d 42 3a 20 |), size= 128MB: |
00000070 77 72 69 74 65 2d 63 6f 6d 62 69 6e 69 6e 67 2c |write-combining,|
00000080 20 63 6f 75 6e 74 3d 31 0a 72 65 67 30 32 3a 20 | count=1.reg02: |
00000090 62 61 73 65 3d 30 78 64 38 30 30 30 30 30 30 20 |base=0xd8000000 |
000000a0 28 33 34 35 36 4d 42 29 2c 20 73 69 7a 65 3d 20 |(3456MB), size= |
000000b0 20 33 32 4d 42 3a 20 77 72 69 74 65 2d 63 6f 6d | 32MB: write-com|
000000c0 62 69 6e 69 6e 67 2c 20 63 6f 75 6e 74 3d 31 0a |bining, count=1.|
000000d0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
*
04000000
filip@sun:~/bla$
Da li ovde ima negde root lozinke? Mislim da nema.
Naravno da sam prvo uradio:
Code:
filip@earth:~$ ssh root@sun
sa druge masine...
I na njoj sam probao, isto ne radi, i isti je kernel (linux 2.6.7)
Imate li neki HOW-TO da ovo proradi... Unapred zahvalan...
Sad ja znam zašto sam vam ovo ispričao, ovo će sigurno nekome koristiti....