Recent linux glibc localroot exploit and Invalid cross-device li

Source: Internet
Author: User

Subaozi

Recently someone blew up a localroot exp http://www.bkjia.com/Article/201011/78200.html, cve-2010-3847 for linux glic. Some time ago, some hackers repeatedly complained to me, saying that I had a great impact on their rice bowl when I fixed localroot articles on cnbeta, I was asked not to gossip on cnbeta in time. In addition, Su Bao is indeed very busy recently. I didn't go to cnbeta gossip for glibc localroot this time, so people outside the circle know that there are not many children's shoes for glibc localroot.

I think you will encounter many problems when using this exp for penetration testing. I can also say a few words, this exp is not able to hit rhel5, there are certain prerequisites, the most critical is that exp and suid programs cannot cross file systems. If you encounter an Invalid cross-device link error message, the reason is that this exp requires a hard link, and the hard link does not allow cross-file systems. The following partition method is an example of a cross-File System:

 

[Root @ localroot ~] # Mount
/Dev/sda1 on/type ext3 (rw)
Proc on/proc type proc (rw)
Sysfs on/sys type sysfs (rw)
Devpts on/dev/pts type devpts (rw, gid = 5, mode = 620)
/Dev/sda7 on/tmp type ext3 (rw)
/Dev/sda6 on/usr type ext3 (rw)
/Dev/sda5 on/usr/local type ext3 (rw)
/Dev/sda3 on/var type ext3 (rw)
/Dev/sdb1 on/www type ext3 (rw)
Tmpfs on/dev/shm type tmpfs (rw)
None on/proc/sys/fs/binfmt_misc type binfmt_misc (rw)

Well, the truth is also true. There should be not many kids shoes who can understand the vulnerability and know that hard links cannot cross-file systems. I also posted an error message on google, but this experience can be obtained in practice.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.