gliu0ir Posted October 25, 2016 Posted October 25, 2016 Hi Guys, I'm learning penetration testing and need some help with escalating my privileges on a Red Hat 9 (Shrike - kernel 2.4.20-8 - http://archive.download.redhat.com/pub/redhat/linux/9/en/iso/i386/) test VM. I'm stuck.... I'm using this exploit (https://www.exploit-db.com/exploits/160/) and keep getting "Segmentation fault" errors. I've tried others as well that should work but all appear to give me the same error. I could not find any helpful information on how to resolve this. I've tried debugging the code but I'm not a programmer so it's been a pain, also tired changing RAM size and running the VM on different host machines as some suggested online but no luck. Anyone has any ideas or suggestions? I can provide more information if need be. Any help would be greatly appreciated. Here a screenshot: https://imgur.com/a/7mFHI Thanks. Quote
digip Posted October 26, 2016 Posted October 26, 2016 (edited) Looking at the code, what happens when you run the command with ./mremap_pte /bin/ping /bin/bash ? If that doesn't work, and since this is an old kernel, 2 words. Dirty Cow. Edited October 26, 2016 by digip Quote
gliu0ir Posted October 26, 2016 Author Posted October 26, 2016 Thanks for the suggestion. Here's what I get. It still seems to be missing something, no segmentation fault error though. I'm getting the same thing as if just typing this: ./mremap_pte Anything else I can try? Quote
digip Posted October 26, 2016 Posted October 26, 2016 I had thought it wanted you to pass the program it was going to exploit with the setuid and then what shell you wanted, but guess that isn't how it works. Either way. Dirty Cow will do what you want(or should). Just have to find the port for RHL. https://dirtycow.ninja/ Quote
gliu0ir Posted October 26, 2016 Author Posted October 26, 2016 OK. Sounds good. Will give that a go and post an update if it works. Thanks for the help. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.