CVE-2021-3156
memedirs maxed out at 5000, all dirs belong to user.
Hi guys,
As the subject stated, it is self-explanatory. I tried to modify the race sleep time to 1000000000000000 (and yes that is 15 zeros!) Ran the exploit again and it still created 5000 dir again and failed.
The Ubuntu version I have is 18.04.4 LTS. The other thing is that I tried to trial and error is that it goes
Thanks
This could indicate the overflow isn’t working. Try commenting out the mkdir and symlink code (eliminating the race) and see if any dirs are created. If not, it means your sudo version probably won’t work with this exploit.
On Fri, Feb 12, 2021 at 07:44, Kinny [email protected] wrote:
Hi guys,
As the subject stated, it is self-explanatory. I tried to modify the race sleep time to 1000000000000000 (and yes that is 15 zeros!) Ran the exploit again and it still created 5000 dir again and failed.
The Ubuntu version I have is 18.04.4 LTS. The other thing is that I tried to trial and error is that it goes </etc/passwd> <modified passwd with uid 0> I am not sure how the exploit links to exploit.c. Changing the extension of exploit.c resulted that the exploit could still run. So I am not sure where the exploit gets the RST parameter value.
Thanks
I tried to comment out the mkdir and symlink in the if condition and that still created the dirs. My sudo version is 1.8.21p2