Jump to content

Would like some assistance understanding some .c is possible.


Recommended Posts

Posted

Hello,

I am new to the scripting world and am by no way a coder just yet. I've been reading up on it but I am still very new.

My brother gave me his old Practical exam to learn from and its been fun. I've performed a successful MITM Attack and learned how to extract a shadow file and crack them using john.

I'm currently learning how to try to gain privilege escalation and i've been researching CVE-2004-0077 and per Bugtraq I've found mrep_poc_2.c

I've tried reading the code but its beyond my understanding.

When trying to compile I get the following:

./remap_poc_2.c: line 1: /bin: is a directory

./remap_poc_2.c: line 2: syntax error near unexpeected toekn '('

./remap_poc_2.c: line 3: '*Proof-of-concept code for do_remap() #2'

I'm not asking for someone to give me an answer or anything but just an understanding of what type of error this is throwing out at me so I can get good at this. One day I'd like to be like you guys after a few books and classes but one step at a time.

My brother said this was a great start and I could use it to get a CPT Certification one day.

Any help would be appreciated.

Thank you.

-Len

Posted

ok so I ran gcc296 -W -Wall mremap_poc_.c && ./a.out

Returned with:

nmap: Cannot allocate memory

created ~65530 VMAs

now remapping 0X3FFE5000 at 0x3FFE1000

Segmentation fault

My brother says the answer is: #65525 0x50bf5000 -0x50bf6000 but he wont show me how.

Why would I get different flags?

I'm trying everything I can to understand this. Any push in the right direction would be great. Thanks

Posted

Jesus, that's some old shit right there. But still great to play around with.

Problem is, I have no idea where your code file came from so whatever it may do is, at least to me, a complete mystery.

I've found an exploit for the vulnerability at the end of this vulnerability report. At first gloss it's really detailed about what's going wrong and how this is exploited aswell. Read through it and maybe things will fall into place.

http://isec.pl/vulnerabilities/isec-0014-mremap-unmap.txt

Posted

I'm not asking for someone to give me an answer or anything but just an understanding of what type of error this is throwing out at me so I can get good at this. One day I'd like to be like you guys after a few books and classes but one step at a time.

My brother said this was a great start and I could use it to get a CPT Certification one day.

Any help would be appreciated.

Thank you.

-Len

I'm going to completely disagree with your brother here and say it isn't a good way to start. Without a good knowledge of the systems you are working on you'll always get stuck as soon as something goes wrong. If you want a good starting place then get used to Linux, use it regularly and understand how it works. Once you understand that then debugging this problem would be a lot easier and something that you could easily do yourself.

Next, once you know your operating systems well, learn some coding. You don't have to learn a lot but at least do a "hello world" in some of the more popular languages so you'll understand what they should look like and appreciate the difference between compiled and interpreted languages. Your compiler is failing here and I'd guess it is because you aren't actually compiling c code.

After you've got a handle on all that then you'll be able to pick up security stuff a lot easier as you'll understand what is going on and what you are doing. At the moment you are picking up someone elses code and trying to run it without any real idea of what it is doing, I hope you are doing it in a VM or on a machine that you don't care about as it could end up doing anything to it. You should be able to look at whatever exploit you are trying to run and at least have a rough idea of what it is going to do, you probably won't be able to fully understand it but if it is something that should open local files and you see network socket code then that should warn you that there is some kind of backdoor or call home in it.

Security isn't a quick and easy thing to get into, you have to lay the foundations first, without those you'll always be scratching around hoping things work and wasting time searching around when they don't. Its a lot of hard work but well worth it when you put it in.

Finally, I don't know if anyone else puts any weight in a CPT certificate but I wouldn't. Having it may be better than not but if I were looking at certs I'd look at things like the ones from Offensive Security, Security Tube and, if you've got lots of cash, SANS.

Posted

Thank you Cooper for the txt file. I will read through it and see if I can comprehend it.

digininja; I understand but I've made it this far so I'd really love to complete it and impress my brother. I also think its great to get just thrown in to the water some times.

Unfortunately I just need to hope I'm not setting up a botnet or a backdoor.

Posted

There is being thrown in the deep end and there is doing it properly. If you are only doing it to impress your brother then thats fine, just hack your way through it, if you want to be good at it then worth through the steps and do it properly.

I see so many people who try to come into this without the proper grounding and they never succeed, resumes would be thrown out without a second glance.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...