Upload

Loading icon Loading...

This video is unavailable.

Linux 2.6.31 perf_counter x86/x64 Local Root Exploit with SELinux user_u defeat and disabling

Sign in to YouTube

Sign in with your Google Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to like spendergrsec's video.

Sign in to YouTube

Sign in with your Google Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to dislike spendergrsec's video.

Sign in to YouTube

Sign in with your Google Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to add spendergrsec's video to your playlist.

Uploaded on Sep 18, 2009

In this video I demonstrate a different method of exploiting the recent perf_counter vulnerability where it doesn't require a NULL mapping. The technique is from nemo, credits to him: it seems quite stable on both single and multi-processor machines (it's been 100% reliable so far). To further demonstrate how easy the vulnerability can be exploited in the face of access control mechanisms, I exploit the vulnerability in the restricted user_u role of SELinux on a fully patched FC11 (which prevents execution of any suid app, among many other things), bypassing execmem restrictions, and finally disable SELinux completely.

  • Category

  • License

    Standard YouTube License

Loading icon Loading...

Loading icon Loading...

Loading icon Loading...

Loading icon Loading...

Ratings have been disabled for this video.
Rating is available when the video has been rented.
This feature is not available right now. Please try again later.

Loading icon Loading...

Advertisement
Loading...
Working...
Sign in to add this to Watch Later

Add to