The source code link seems to be down:<br> <a href="http://xxxxsheep.org/%7Esd/warez/semtex.c" target="_blank">http://xxxxsheep.org/~sd/warez/semtex.c</a><br><br>-Travis<br><br><div class="gmail_quote">On Tue, May 14, 2013 at 12:33 PM, Joshua Kramer <span dir="ltr">&lt;<a href="mailto:joskra42.list@gmail.com" target="_blank">joskra42.list@gmail.com</a>&gt;</span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Hello,<div><br></div><div>I recently saw this:</div><div><br></div><div><a href="https://www.centos.org/modules/newbb/viewtopic.php?topic_id=42827&forum=59" target="_blank">https://www.centos.org/modules/newbb/viewtopic.php?topic_id=42827&forum=59</a><br>
</div><div><br></div><div>Given a command prompt, download this exploit, compile it, run it... and you suddenly have root. What is interesting about this is, as soon as you have root, you can disable SELinux.</div>
<div><br></div><div>Apparently it can be mitigated using this kernel module:</div><div><br></div><div><a href="http://elrepo.org/tiki/kmod-tpe" target="_blank">http://elrepo.org/tiki/kmod-tpe</a><br></div><div>
<br></div><div>I spun up a test VM and tested this - it works! What would be interesting is doing some investigation to see if SELinux could prevent damage if this code was run from a malicious web app instead of the command prompt.</div>
<div><br></div><div>Also, I wonder if this works on Scientific Linux and other RHEL derivatives, or RHEL itself?</div><div><br></div><div>Cheers,</div><div>-JK</div></div>
<br>_______________________________________________<br>
colug-432 mailing list<br>
<a href="mailto:colug-432@colug.net">colug-432@colug.net</a><br>
<a href="http://lists.colug.net/mailman/listinfo/colug-432" target="_blank">http://lists.colug.net/mailman/listinfo/colug-432</a><br>
<br></blockquote></div><br><br clear="all"><br>-- <br>“A careful reading of history clearly demonstrates ...<br>that people don't read history carefully.”<br><br>“We can't solve problems by using the same kind of thinking we used when we created them.”<br>
—Albert Einstein<br>