GO IT WORLD | IT TECH | IT NEWS » linux

linux local privilege escalation on polkit-1 <= 0.101

jason — Thu, 06 Oct 2011 14:17:44 +0000

/* polkit-pwnage.c
*
*
* ==============================
* =      PolicyKit Pwnage      =
* =          by zx2c4          =
* =        Sept 2, 2011        =
* ==============================
*
*
* Howdy folks,
*
* This exploits CVE-2011-1485, a race condition in PolicyKit.
*
* davidz25 explains:
*
* –begin–
* Briefly, the problem is that the UID for the parent process of pkexec(1) is

… Read the rest

Linux Kernel < 2.6.37-rc2 ACPI custom_method Privilege Escalation

jason — Fri, 05 Aug 2011 03:57:03 +0000

This custom_method file allows to inject custom ACPI methods into the ACPI interpreter tables. This control file was introduced with world writeable permissions in Linux Kernel 2.6.33.

/*
* american-sign-language.c
*
* Linux Kernel < 2.6.37-rc2 ACPI custom_method Privilege Escalation
* Jon Oberheide <jon@oberheide.org>
* http://jon.oberheide.org
*
* Information:
*
*   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4347
*
*   This custom_method file allows to inject custom ACPI methods into the ACPI
*   interpreter tables. This control file

… Read the rest

sniffer tools for Centos–dsniff

jason — Thu, 07 Apr 2011 07:14:41 +0000

dsniff is a collection of tools for network auditing and penetration testing. dsniff, filesnarf, mailsnarf, msgsnarf, urlsnarf, and webspy passively monitor a network for interesting data (passwords, e-mail, files, etc.). arpspoof, dnsspoof, and macof facilitate the interception of network traffic normally unavailable to an attacker (e.g, due to layer-2 switching). sshmitm and webmitm implement active monkey-in-the-middle attacks against redirected SSH and HTTPS sessions by exploiting weak bindings in ad-hoc PKI.

Home Page (http://monkey.org/~dugsong/dsniff/)

INSTALL Dsniff:

1. software list

libpcap-0.7.2.tar.gz

libnet-1.0.2a.tar.gz

libnids-1.18.tar.gz

dsniff-2.3.tar.gz

2. install gcc and openssl

yum –y install openssl gcc

… Read the rest

How do I view the information the process of IO to read and write on linux?

jason — Tue, 18 Jan 2011 09:42:15 +0000

Linux Kernel 2.6.20 kernel support for the process of more than IO statistics, can use such tools like iotop each process to monitor the situation on the IO operation, just as with the top real-time view process memory, CPU and so take the case in. But for Linux kernel version 2.6.20 the following not so lucky, according to Stack Overflow of Replies in this way is given, VPSee Python to write a simple script that is used in linux kernel <2.6.20 the printing process under the IO condition .

Kernel < 2.6.20 Kernel <2.6.20

This idea is very simple… Read the rest

Tunning Kernel Parameters Improving Linux Network Performance

jason — Mon, 08 Mar 2010 11:44:15 +0000

By tunning kernel parameters can improve linux socket io performance. The settings for sysctl.conf below apply for Fedora, RedHat, Centos OS as well as other Linux flavors. These settings will improve your server network performance and some little protection against ddos attacks as well.

# Kernel sysctl configuration file for Red Hat Linux
#
# For binary values, 0 is disabled, 1 is enabled. See sysctl(8) and
# sysctl.conf(5) for more details.

# Disables packet forwarding
net.ipv4.ip_forward=0

# Disables IP source routing
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.conf.lo.accept_source_route = 0
net.ipv4.conf.eth0.accept_source_route = 0 Read the rest

Linux Check Disk Space with the Commands du and df

jason — Sun, 07 Mar 2010 10:10:54 +0000

To get a summary of the available and used disk space on your Linux system is to type in the df command in a terminal window. The command df stands for "disk filesystem". With the -h option (df -h) it shows the disk space in "human readable" form, which in this case means, it gives you the units along with the numbers.

The output of the df command is a table with four columns. The first column contains the file system path, which can be a reference to a hard disk or another storage device, or a file system connected… Read the rest

Install DHCP-SERVER in Linux Debian

jason — Fri, 05 Mar 2010 11:30:07 +0000

Installing DHCP Server in debian linux is not that hard actually…

I assume you have the following configuration on your host:

2 internal nics:
eth0 (For internal )
eth1 (for internet)

1. Setting up your eth0 for dhcp use

The most important thing you need to do is configuring static ip adresses.

I will use the following IP adress 192.168.10.x as my ip-adress range.

We type the following command: nano /etc/network/interfaces

And be sure the settings are the same as below:

auto eth0
iface eth0 inet static
address 192.168.10.1
netmask 255.255.255.0

… Read the rest

Linux software RAID 5 very slow

jason — Thu, 04 Mar 2010 11:49:01 +0000

Here I am going to tell about Linux software RAID. If it’s very slow,you can test it with my way, hope it can help you.
So I had a ASUS P6T motherboard which has Intel ICH10R raid controller, 3x 1 Tb SATA 2 HDDs and Intel Core i7 920 processor. So I wanted to install Fedora 10 on that machine.
After configuring RAID 5 in the BIOS I booted the Fedora 10 installation DVD to start the installation. BUT! Suddenly I saw that Anaconda see 3 separate hard drives instead of 1 RAID device. After some googleing I… Read the rest

Homemade Bench top Power Supply

jason — Sun, 28 Feb 2010 02:33:36 +0000

I’ve always had an interest for electronics and recently I’ve been exploring my interests more. Last week I sorted through my tub of parts and placed them in individual draws. It took a good while to sort everything but I think it was worth it. I’ve seen power supplies built from PC power supplies before so I thought I’d build one my self. Thing is, I never really got around to it.

Yesterday I was feeling rather ambitious and decided to make a bench top power supply for small electronics. All the sites I found I have lost, so I… Read the rest

Linux Kernel < 2.6.19 udp_sendmsg Local Root Exploit

jason — Thu, 03 Sep 2009 05:27:12 +0000

/***********************************************************
* hoagie_udp_sendmsg.c
* LOCAL LINUX KERNEL ROOT EXPLOIT (< 2.6.19) – CVE-2009-2698
*
* udp_sendmsg bug exploit via (*output) callback function
* used in dst_entry / rtable
*
* Bug reported by Tavis Ormandy and Julien Tinnes
* of the Google Security Team
*
* Tested with Debian Etch (r0)
*
* $ cat /etc/debian_version
* 4.0
* $ uname -a
* Linux debian 2.6.18-4-686 #1 SMP Mon Mar… Read the rest