diff options
| author | Root THC | 2026-02-24 12:42:47 +0000 |
|---|---|---|
| committer | Root THC | 2026-02-24 12:42:47 +0000 |
| commit | c9cbeced5b3f2bdd7407e29c0811e65954132540 (patch) | |
| tree | aefc355416b561111819de159ccbd86c3004cf88 /exploits/7350wurm/shellcode/pt | |
| parent | 073fe4bf9fca6bf40cef2886d75df832ef4b6fca (diff) | |
initial
Diffstat (limited to 'exploits/7350wurm/shellcode/pt')
| -rw-r--r-- | exploits/7350wurm/shellcode/pt/Makefile | 8 | ||||
| -rw-r--r-- | exploits/7350wurm/shellcode/pt/README | 6 | ||||
| -rw-r--r-- | exploits/7350wurm/shellcode/pt/rptrace.c | 42 | ||||
| -rw-r--r-- | exploits/7350wurm/shellcode/pt/rptrace.o | bin | 0 -> 1456 bytes | |||
| -rw-r--r-- | exploits/7350wurm/shellcode/pt/x.tar.gz | bin | 0 -> 800 bytes |
5 files changed, 56 insertions, 0 deletions
diff --git a/exploits/7350wurm/shellcode/pt/Makefile b/exploits/7350wurm/shellcode/pt/Makefile new file mode 100644 index 0000000..e5e1fd5 --- /dev/null +++ b/exploits/7350wurm/shellcode/pt/Makefile | |||
| @@ -0,0 +1,8 @@ | |||
| 1 | |||
| 2 | all: rptrace.c | ||
| 3 | rm -f rptrace.o | ||
| 4 | gcc -c -I/usr/src/linux/include -O2 -Wall rptrace.c -o rptrace.o | ||
| 5 | |||
| 6 | clean: | ||
| 7 | rm -f rptrace.o | ||
| 8 | |||
diff --git a/exploits/7350wurm/shellcode/pt/README b/exploits/7350wurm/shellcode/pt/README new file mode 100644 index 0000000..0139382 --- /dev/null +++ b/exploits/7350wurm/shellcode/pt/README | |||
| @@ -0,0 +1,6 @@ | |||
| 1 | This is a *simple* HACK to get around the ptrace/exec security problem | ||
| 2 | in linux <2.2.19. It simply disables ptrace for everyone except root. | ||
| 3 | Just make, and insmod the .o .. and your uptime will be preserved! :P | ||
| 4 | |||
| 5 | -MadCamel (madcamel@energymech.net) | ||
| 6 | |||
diff --git a/exploits/7350wurm/shellcode/pt/rptrace.c b/exploits/7350wurm/shellcode/pt/rptrace.c new file mode 100644 index 0000000..f7de48b --- /dev/null +++ b/exploits/7350wurm/shellcode/pt/rptrace.c | |||
| @@ -0,0 +1,42 @@ | |||
| 1 | #define MODULE | ||
| 2 | #define __KERNEL__ | ||
| 3 | #include <linux/module.h> | ||
| 4 | #include <linux/kernel.h> | ||
| 5 | #include <sys/syscall.h> | ||
| 6 | #include <linux/smp_lock.h> | ||
| 7 | #include <linux/capability.h> | ||
| 8 | |||
| 9 | struct task_struct *init_hook = NULL; | ||
| 10 | extern void *sys_call_table[]; | ||
| 11 | |||
| 12 | int (*o_ptrace)(int, int, int, int); | ||
| 13 | |||
| 14 | int n_ptrace(int req, int pid, int addr, int data) | ||
| 15 | { | ||
| 16 | int r; | ||
| 17 | |||
| 18 | r = o_ptrace(req, pid, addr, data); | ||
| 19 | printk ("PTRACE (%08x, %08x, %08x, %08x) = %08x\n", req, pid, addr, data, r); | ||
| 20 | return (r); | ||
| 21 | } | ||
| 22 | |||
| 23 | #define REPLACE(x) o_##x = sys_call_table[__NR_##x];\ | ||
| 24 | sys_call_table[__NR_##x] = n_##x | ||
| 25 | int init_module(void) | ||
| 26 | { | ||
| 27 | lock_kernel(); | ||
| 28 | EXPORT_NO_SYMBOLS; | ||
| 29 | REPLACE(ptrace); | ||
| 30 | unlock_kernel(); | ||
| 31 | return(0); | ||
| 32 | } | ||
| 33 | |||
| 34 | #define RESTORE(x) sys_call_table[__NR_##x] = o_##x | ||
| 35 | int cleanup_module(void) | ||
| 36 | { | ||
| 37 | lock_kernel(); | ||
| 38 | RESTORE(ptrace); | ||
| 39 | unlock_kernel(); | ||
| 40 | return(0); | ||
| 41 | } | ||
| 42 | |||
diff --git a/exploits/7350wurm/shellcode/pt/rptrace.o b/exploits/7350wurm/shellcode/pt/rptrace.o new file mode 100644 index 0000000..dd3bc56 --- /dev/null +++ b/exploits/7350wurm/shellcode/pt/rptrace.o | |||
| Binary files differ | |||
diff --git a/exploits/7350wurm/shellcode/pt/x.tar.gz b/exploits/7350wurm/shellcode/pt/x.tar.gz new file mode 100644 index 0000000..06ba614 --- /dev/null +++ b/exploits/7350wurm/shellcode/pt/x.tar.gz | |||
| Binary files differ | |||