Linux Exploits

Printable View

May 19th, 2005, 04:44 PM
neopheen

Linux Exploits

Hi All!

For the past year, my research group and I have been working on Linux kernel security auditing at the University at Albany. Thus far we have made some great progress towards a useful auditing tool that can be used in the "real world". Lately, however, we have hit a snag. Upon writing code that detects unauthorized root access, we have discovered that we don't have any way to test our product. At this point we have tried a bunch of exploits but to no avil. Is there any one among you who has source code for a 2.6.2 linux kernel exploit that will grant root privileges?
Please know that this code would be used only in a research capacity. Also, we would be happy to include anyone who helps us out in our publication.
Cheers
May 19th, 2005, 05:22 PM
¤The¤Spe©ialist

Re: Linux Exploits

This claims to give super-user privileges locally. Googled in a matter of miliseconds.

Quote:

Please know that this code would be used only in a research capacity.

I don't really care but anyways... Hi, im a raging psychopath. Welcome to the AO community thingie now empty the cash register and gimme all your green colored paper.
May 19th, 2005, 05:35 PM
neopheen

First off, let me thank you for your speedy responce.
However, I have already tried this exploit with no success. The problem is that most of the exploits that are online are "modified" in small ways that make them almost work. I really need one that has been tested and known to work on the 2.6.2.
May 19th, 2005, 06:04 PM
MoonWolf

Although your storie sounds nice.

Reading it makes alarm bell ringle. If this nice auditing project exists what is its name. Where is a site ?

If you are working on this tool should you or others in the team not have enough knolidge to "fix" the exploits ?

Other small idea in case this is not a social engineering attempt. Cant you make a part of the group develop a tweaked kernel(built an exploit in) and then let another part of the group find it ?
May 19th, 2005, 06:58 PM
neopheen

The projects is based off of LTT (Linux Trace Toolkit ). Currently we have not gone public but I can say that what we are doing is some what similar to the Snare project.

We do have 2 people working on trying to figure some of these exploits out, but as I said, we have had no luck.

Insturmenting a "tweek" in the kernel is a good idea that has been suggested. However, catching bugs of our own creation so to speek, would make out publication far less compeling.

The exploits we require for the the 2.6.2 kernel only. Im not sure how many Linux boxes out there are still running that kernel.

Eventually, I am sure that we will get one of these exploits to work. But, I just thought if anyone know of one that is in the public domain off hand, that would be great.
May 19th, 2005, 11:28 PM
HTRegz

Hey Hey,

I dunno if I altogether trust the 'project' either... but I'm a man of faith.... and besides, this site is public knowledge.

Check out the Exploit Tree (mentioned on AO Previously) @ http://www.securityforest.com/wiki/index.php/Main_Page. You'll want to go to the ExploitTree and run it and install everything... if you can't figure out how to do that portion... then I'm guessing you're 'project' is a fake.... Browse through the folders.. I'm sure you'll find something that applies.

Peace,
HT
May 20th, 2005, 03:01 AM
neopheen

Thank you very much for the link. All we need is one exploit to work while our tracer is running and we are in business (that is if we can catch it). Our paper deadline is in 15 days, after that I will put the link here so you all can see what we are up to :-)
Cheers