[arch-general] KVM troubles

Luna Moonbright luna.moonbright at gmail.com
Sat Nov 28 07:14:48 UTC 2015


That is a great idea; in fact, I am going to leave it 100% unpatched
and try all of those fun kernel exploits on it as well.

As for it just being old Ubuntu - are the newer EOL versions of Ubuntu
(like 9 or 10) still easy to exploit (32-bit/no canaries/no NX) that
are easier to get the display drivers to work for?

Shellshock was awesome, but my favorite exploit is the exploit in
fingerd used by the Morris worm. So simple - yet so effective. I'm
sure us archers can appreciate that.

Thanks!

On 11/27/2015 11:48 PM, Kyle Terrien wrote:
> On 11/27/2015 04:57 PM, Luna Moonbright wrote:
>> Fantastic, I love that book and am wanting to get the rest of the
>> way through it. I didn't realize it was such an issue in KVM. I
>> think it works in virtual box, but it would be nice to get it
>> installed on KVM so me and a few guys can set up a class on
>> exploitation.
>> 
>> I'll keep working on it too.
> 
> It's an old version of Ubuntu, so you could have a lot of fun
> poking at vulnerabilities, especially if you don't do an apt-get
> update.
> 
> Coincidentally, this VM is vulnerable to my personal favorite 
> exploit--Shellshock.  That's something fun you can cover in your
> class.
> 
> kyle@hacking:~ $ env 'x=() { :;}; echo Vulnerable' bash -c 'echo Test'
> Vulnerable
> Test
> kyle@hacking:~ $
> 
> 
> And if you set up a web server on the VM, you can demonstrate how
> to use Shellshock to dump /etc/passwd by setting a malicious
> User-Agent. [0]
> 
> --Kyle
> 
> [0] http://blog.regehr.org/archives/1187
> 

