OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Cache (cache_at_sowatech.com.pl)
Date: Mon Jan 06 2003 - 12:02:59 CST

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    Nothing special, lame :)

    Hi,

    0x01 About
    0x02 Practical
    0x03 Conclusion
    0x04 Install
    0x05 End
    0x06 Greetz

    0x01 About:

    Autor: Rafael Lesniak / 05012003 Hannover / cacheirc.pl
    Sorry for My English

    All: files are on:
    http://www.sowatech.com.pl/cache/soft/proc-patch.tar.gz

    This is a little information leak. This bug(?) is not dangerous, but
    normal user can see all process on the box using ex. /bin/ps;

    Affected Systems:
    FreeBSD :possible all
    OpenBSD :don't known
    Linux :don't known
    Other :don't known

    0x02 Practical:

    (I don't use /proc.)

    Last login: Sun Jan 5 00:13:01 on ttyv0
    Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994
        The Regents of the University of California. All rights reserved.

    FreeBSD 4.7-RELEASE (SILENT) #1: Sun Jan 5 00:10:51 GMT 2003

    Welcome to FreeBSD!

    [cachesilent][ttyv1] ~> grep "FreeBSD:" /usr/src/sys/i386/conf/LINT
    # $FreeBSD: src/sys/i386/conf/LINT,v 1.749.2.124 2002/10/05 18:31:47 scottl
    Exp

    [cachesilent][ttyv1] ~> sysctl -a | grep show
    kern.ps_showallprocs: 0
    [cachesilent][ttyv1] ~> ps -auxwwwp 101
    USER PID %CPU %MEM VSZ RSS TT STAT STARTED TIME COMMAND
    root 101 0,0 0,2 1020 740 ?? Is 0:12 0:00,01 /usr/sbin/cron

    ps [-aCcefhjlmrSTuvwx] [-M core] [-N system] [-O fmt] [-o fmt] [-p pid]
        [-t tty] [-U username]

    -p Display information associated with the specified process ID.

    --- cut ---

    0x03 Conclusion:

    I hope it is good idea to protect all process information
    (any way, for what We need kern.ps_showallprocs?)

    [cachesilent][ttyv1] ~> cat info.sh
    #!/bin/sh
    pid=0;
    while x=0; do
    /bin/ps -auxwwwp $pid | /usr/bin/grep $pid;
    pid=`expr $pid + 1`;
    done

    --- cut ---

    See out.log how it works.

    0x04 Install:

    $ mkdir /tmp/patch
    $ cp proc-patch.tar.gz /tmp/patch
    $ cd /tmp/patch
    $ tar -zxvf proc-patch.tar.gz
    $ su
    # patch -p0 < proc.patch

    --- cut ---
    ...
    --------------------------
    |*** /usr/src/sys/kern/kern_proc.c Tue May 1 13:39:06 2001
    |--- /usr/src/sys/kern/kern_proc.c Sun Jan 5 00:18:40 2003
    --------------------------
    Patching file /usr/src/sys/kern/kern_proc.c using Plan A...
    Hunk #1 succeeded at 453.
    done
    --- cut ---

    configure Your kernel, compile, install and thats all.

    0x05 End:

    I have make this little patch for My FreeBSD box, and this method
    doesn't work. May be it is possible to do, but this is not My
    skill level );] ...

    0x06 Greetz:
        kador, Lam3rz, layon, ultor, neutrinka, !pl-bsd, and
            all lamerz ...

    ## Rafal (cache) Lesniak #######
    CoSysOp cache /at/ sowatech.com.pl
    ### http://www.sowatech.com.pl ###