Subaozi
Recently someone published a localroot exploit, http://www.bkjia.com/Article/201011/78200.html, for CVE-2010-3847 in glibc on Linux. A while ago some hackers complained to me repeatedly that my posting localroot write-ups on cnbeta was hurting their livelihood, and asked me not to be so quick to post about them there. Besides, Su Bao has genuinely been busy lately, so I did not post about this glibc localroot on cnbeta, and as a result not many people outside the circle know about it.
I expect many of you will run into problems using this exploit in penetration tests, so let me say a few words. The exploit will not necessarily hit RHEL5; it has prerequisites, and the most important is that the exploit and the suid program must not sit on different file systems. If you see an "Invalid cross-device link" error, the reason is that this exploit creates a hard link, and hard links cannot cross file systems. The following partition layout is an example where the two are on different file systems:
[root@localroot ~]# mount
/dev/sda1 on / type ext3 (rw)
proc on /proc type proc (rw)
sysfs on /sys type sysfs (rw)
devpts on /dev/pts type devpts (rw,gid=5,mode=620)
/dev/sda7 on /tmp type ext3 (rw)
/dev/sda6 on /usr type ext3 (rw)
/dev/sda5 on /usr/local type ext3 (rw)
/dev/sda3 on /var type ext3 (rw)
/dev/sdb1 on /www type ext3 (rw)
tmpfs on /dev/shm type tmpfs (rw)
none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw)
Well, that is really all there is to it. Probably not many people both understand the vulnerability and know that hard links cannot cross file systems. I also looked the error message up on Google, but this is the kind of experience you only get from practice.
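To make the point concrete from an administrator's side, here is an added Python example (my own, not from the post or the exploit) that parses `mount`-style output and resolves a path to the mount point that contains it, so you can confirm that a world-writable directory such as /tmp sits on its own file system, separate from the one holding setuid binaries, which is exactly the layout in which link(2) fails with EXDEV. The mount table below is a constructed sample in the post's layout, and the function names are my own.

```python
import errno
import os
from typing import Dict

# Constructed sample in the format printed by mount(8), mirroring the
# partition layout shown in the post (separate /tmp, /usr, /var).
SAMPLE_MOUNT_OUTPUT = """\
/dev/sda1 on / type ext3 (rw)
proc on /proc type proc (rw)
/dev/sda7 on /tmp type ext3 (rw)
/dev/sda6 on /usr type ext3 (rw)
/dev/sda5 on /usr/local type ext3 (rw)
/dev/sda3 on /var type ext3 (rw)
tmpfs on /dev/shm type tmpfs (rw)
"""


def parse_mounts(text: str) -> Dict[str, str]:
    """Map mount point -> device from lines of the form 'dev on mnt type fs (opts)'."""
    mounts: Dict[str, str] = {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) >= 3 and parts[1] == "on":
            mounts[parts[2]] = parts[0]
    return mounts


def mount_point_of(path: str, mounts: Dict[str, str]) -> str:
    """Deepest mount point containing `path` (longest prefix match on path components)."""
    path = os.path.normpath(path)
    best = "/"
    for mnt in mounts:
        if mnt == "/":
            continue
        if path == mnt or path.startswith(mnt.rstrip("/") + "/"):
            if len(mnt) > len(best):
                best = mnt
    return best


def same_filesystem(a: str, b: str, mounts: Dict[str, str]) -> bool:
    """True when both paths resolve to the same mount point, i.e. a hard link is possible."""
    return mount_point_of(a, mounts) == mount_point_of(b, mounts)


def hard_link_errno(src: str, dst: str) -> int:
    """Live check: 0 if os.link succeeds (link is removed again), else the errno.
    Crossing file systems yields errno.EXDEV, the 'Invalid cross-device link' error."""
    try:
        os.link(src, dst)
    except OSError as exc:
        return exc.errno
    os.unlink(dst)
    return 0
```

With the sample table, `same_filesystem("/tmp/x", "/usr/bin/passwd", ...)` is False, while a layout with /tmp inside the root file system would return True; `hard_link_errno` lets you observe `errno.EXDEV` (18 on Linux) directly on a live host.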