[Dailydave] Linux recvmmsg privilege escalation exploit

Alex McGeorge alexm at immunityinc.com
Thu Mar 6 10:57:51 EST 2014


Hello List,

There's been a lot of public work on the Linux recvmmsg local privilege
escalation (CVE-2014-0038) and there are some nice public exploits
available for it. Like any consumer though, I've realized the exploit
game is really a features race. Our exploit for this bug is quick, like
returning shells in under 30 seconds quick. It also doesn't require
symbols which makes it more portable. And we've tested it to work on a
pretty wide variety of kernels you'll see in the wild powering Ubuntu
and other Debian-derived distributions. These are the kind of features
you want when you rely on this type of software. Like most feature-rich
software, this module was a team effort, in this case our Linux exploit
development team :)

Check it out in action: http://vimeo.com/88291815. There are also some
useful tips about using this exploit in practice that you'll want to be
aware of.

This exploit is going to be a CANVAS Early Updates exclusive, at least
for a little while. More information on CEU can be found at:
http://www.immunityinc.com/products-early_updates.shtml

Cheers,
-AlexM




