[colug-432] New root exploit code for CentOS

Pat Collins pat at linuxcolumbus.com
Tue May 14 12:48:15 EDT 2013

Replace xxxx with the correct four letter word for the prize. 


 On Tue, 14 May 2013 12:41:39 -0400 Travis Sidelinger wrote

 The source code link seems to be down:
 http://xxxxsheep.org/~sd/warez/semtex.c [1]


 On Tue, May 14, 2013 at 12:33 PM, Joshua Kramer  wrote:
  Hello, I recently saw this:
 Given a command prompt, download this exploit, compile it, run it... and you
suddenly have root. What is interesting about this is, as soon as you have
root, you can disable SELinux.
 Apparently it can be mitigated using this kernel module:
 http://elrepo.org/tiki/kmod-tpe [4]

 I spun up a test VM and tested this - it works! What would be interesting is
doing some investigation to see if SELinux could prevent damage if this code
was run from a malicious web app instead of the command prompt.
 Also, I wonder if this works on Scientific Linux and other RHEL derivatives,
or RHEL itself?

 colug-432 mailing list
 colug-432 at colug.net [5]
 http://lists.colug.net/mailman/listinfo/colug-432 [6]

"A careful reading of history clearly demonstrates ...
that people don't read history carefully."

"We can't solve problems by using the same kind of thinking we used when we
created them."
 --Albert Einstein

[1] http://xxxxsheep.org/%7Esd/warez/semtex.c
[2] mailto:joskra42.list at gmail.com
[4] http://elrepo.org/tiki/kmod-tpe
[5] mailto:colug-432 at colug.net
[6] http://lists.colug.net/mailman/listinfo/colug-432
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.colug.net/pipermail/colug-432/attachments/20130514/7c333c67/attachment.html 

More information about the colug-432 mailing list