I am sorry for the blog relationship for nearly two weeks because of a serious hardware fault in the IDC room. Recently I met a webshell and needed to obtain the highest permissions for some other operations, the kernel version after uname-r is 2.6.9-34, which is relatively low. Unfortunately, no overflow is successful, and most of the errors are addresses.
I am sorry for the blog relationship for nearly two weeks because of a serious hardware fault in the IDC room. Recently I met a webshell and needed to obtain the highest permissions for some other operations,UnameThe kernel version after-r is 2.6.9-34, which is relatively low. Unfortunately, no overflow is successful, and most of the errors are address-based errors, gcc is disabled on the host of the other party. After compiling on the linux platform, I transplanted the gcc to my host. After reading my linux version 2.6.23.1, I 'd like to try it out!
This attempt was made by foreign hackers taviso and julien. One of them can attack all the vulnerabilities in the new and old Linux systems and kill almost all versions of 2.6.X. This is amazing. Of course we have to test it first, the file may be too large to be uploaded. paste the address directly:
Http://www.securityfocus.com/data/vuLnErabilities/ExPloits/wunderbar_emporium-3.tgz
Because it is a tgz file format, you can directly download it through the wget url, and then use tar-zxvfFileNameExtractAfter decompression, you can obtain the following four files:
Now we can go to this directory to execute./w * ThisCommandThat is, run wunderbar_emporium.sh. Let's take a look at the result after the execution is successful:
After successfully obtaining the root permission, you can test it on webshell.