Tag Archives: freebsd

IT Security Brothers (http://itsb.pro)

Hi guys, I would like to present you our new project IT Security Brothers http://itsb.pro
We provide pentest, consultations and IT outsourcing services.
Feel free to hire us for IT jobs.

FreeBSD 7-8 Exploit & Patch

Local Exploit ups right from the ordinary user to root.

http://seclists.org/fulldisclosure/2009/Nov/371

Launches the exploit from the user and get the root rights.

Patching:

cd /usr/src/libexec/rtld-elf
cp rtld.c rtld.c.bak
ee rtld.c

Find the part of the file:

if (!trust) {
unsetenv (LD_ «PRELOAD»);
unsetenv (LD_ «LIBMAP»);
unsetenv (LD_ «LIBRARY_PATH»);
unsetenv (LD_ «LIBMAP_DISABLE»);
unsetenv (LD_ «DEBUG»);

and change it to:

if (!trust) {
if (unsetenv (LD_ «PRELOAD») || unsetenv (LD_ «LIBMAP») ||
unsetenv (LD_ «LIBRARY_PATH») || unsetenv (LD_ «LIBMAP_DISABLE») ||
unsetenv (LD_ «DEBUG») || unsetenv (LD_ «ELF_HINTS_PATH»)) {
_rtld_error («environment corrupt; aborting»);
die ();
}
}

Next, write a make && make install, now you can check again exploit, it's work.

FreeBSD: Update the ports tree

Method # tricky (because I am about him not even guess, although should be):

[shell@root]# cd /usr
[shell@root]# rm -rf ports
[shell@root]# sysinstall -> Configure -> Distribution -> ports -> ftp ->choose ftp server with which to merge the ports.

[shell@root]# ls /usr //if you see a catalog of ports — then everything is OK.