Thursday, October 18, 2007

The devil's in the details

For the benefit of anyone in Rob's class that's attempting to recreate what was done on the big display tonight --> when you're grabbing/compiling/running kmod-ptrace.c on the target machine, pay close attention to the details:
  • use gcc, not make or cc
  • when you run the program what is displayed?
  • can you do anything (hint: type ls or whoami)
  • if you hit Ctrl-C and run "ls -l", what do you see?
  • re-run the program and try to answer these questions again

Note: success may be specific to the version of the OS being run on the target machine. Your mileage will vary depending on a number of things (hint: the classroom lab is a controlled environment (i.e., each target is exactly the same)).

Enjoy! But you should probably get your homework done first. You may spend more time than you should getting the exploits to work in your home labs. If you're frustrated, please note that Rob usually isn't adverse to you coming in when there isn't a class in the lab. Just check in with one of the techs in the fishbowl.