Linux Kernel Exploit Busily Rooting 64-Bit Machines
An anonymous reader writes "Running 64-bit Linux? Haven't updated yet? You're probably being rooted as I type this. CVE-2010-3081, this week's second high-profile local root exploit in the Linux kernel, is compromising machines left and right. Almost all 64-bit machines are affected, and 'Ac1db1tch3z' (classy) published code to let any local user get a root shell. Ac1db1tch3z's exploit is more malicious than usual because it leaves a backdoor behind for itself to exploit later even if the hole is patched. Luckily, there's a tool you can run to see if you've already been exploited, courtesy of security company Ksplice, which beat most of the Linux vendors with a 'rebootless' version of the patch."
***Ding ding ding***
We have a winner -- Don Pardot, tell Ms. Hudson what she's won!
Caveat Utilitor
quiet, children.
I run: Windows, OS X, Linux, FreeBSD. Just because you have a hammer, doesn't mean everything is a nail.
post your ip address and root password and I'll check it for you.
Do you even lift?
These aren't the 'roids you're looking for.
Guys, come look, its Abraham!
Looks like a poor mans attempt at humour.
I'd say from looking at it those were a bunch of sensible #defines before the code was released and in a fit of humour said author thought it would be funny to do a find and replace on the original ALL_CAPS_SENSIBLE_NAMES.
It just looks cheap, if you ask me.
Now back in my University days we had to implement the producers consumer problem in lisp and whilst I don't have the code to hand I do remember that I came up with the poem the code was going to say _before_ I wrote the code that solved the producers consumers assignment....
The only thing that still sticks in my head is the first line:
(hold_your (trousers) (lovelytrousers))
Yes, the queue was a pair of trousers, and the widgets were sausages.
Was fascinating, I tell you. And totally high class.
This is all really transparent.
You obviously get __yyrhdgdtfs66ytgetrfd to turn into __yyy_tegdtfsre by the addition of a reverse polish goto callback, an obscure function performed by overloading TMAGIC_66TDFDRTS and calling it every clock cycle.
Using PREPARE_GGDTSGFSRFSD and OVERRIDE_GGDTSGFSRFSD is standard procedure when dealing with credentials that are formatted in octal precision trinary floating point, and reverting them via REVERT_DHDGTRRTEFDTD is a result of taking GGDTSGFSRFSD and applying the ')(' operator.
And, of course, any competent CS professional who passed his first freshman year introductory course knows that gggdfstsgdt_dddex is the result of your cat walking across the keyboard.
no, you.
post your ip address and root password and I'll check it for you.
127.0.0.1
hunter2
Want to improve your Karma? Instead of "Post Anonymously", try the "Post Humously" option.
No, Apple devices do not have security vulnerabilities to exploit. They do sometimes have remote-user-friendly jailbreaks, but that's an entirely different thing.
I am TheRaven on Soylent News