|
Full Disclosure
mailing list archives
Re: Linux kernel uselib() privilege elevation, corrected
From: Jason Carr <jason () flacid org>
Date: Mon, 10 Jan 2005 00:38:42 -0500
Henrik Persson wrote:
Christian wrote:
Karol Wiesek schrieb:
> [appelast () nesquik appelast]$ ./ex -l ./lib
[+] SLAB cleanup
child 1 VMAs 65527
[...]
strange, it does not even compile here:
evil () prinz:~/dev/$ gcc -O2 -fomit-frame-pointer elflbl.c -o elflbl
elflbl_v108.c: In function `scan_mm_start':
elflbl_v108.c:425: error: storage size of `l' isn't known
elflbl_v108.c:425: error: storage size of `l' isn't known
elflbl_v108.c: In function `check_vma_flags':
elflbl_v108.c:545: warning: deprecated use of label at end of compound
statement
In linux 2.6 the modify_ldt_ldt_s structure is renamed to user_desc.
Change that on row 425 and it will compile.
Weird... I tried that and I get this:
jason () overdose [~/vuln] (104) % gcc -O2 -fomit-frame-pointer elflbl.c -o
elflbl
elflbl.c:89: error: variable-size type declared outside of any function
elflbl.c: In function `make_lib':
elflbl.c:664: error: storage size of 'eh' isn't known
elflbl.c:665: error: storage size of 'eph' isn't known
elflbl.c:666: error: storage size of 'tmpbuf' isn't constant
elflbl.c:680: error: invalid application of `sizeof' to incomplete type
`elf_phdr'
elflbl.c:666: error: size of variable 'tmpbuf' is too large
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
 By Date 
By Thread
Current thread:
|
Intro
