Skip to content

usernameid0/tools-for-CVE-2018-1000001

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
Makefile
Makefile
 
 
README.md
README.md
 
 
add_support_i386_RationalLove.patch
add_support_i386_RationalLove.patch
 
 
tool.cpp
tool.cpp
 
 

Repository files navigation

Tools for CVE-2018-1000001

Check vulnerability:

$ cat /proc/sys/kernel/unprivileged_userns_clone

Output:

1

If file "/proc/sys/kernel/unprivileged_userns_clone" does not exists:

$ unshare -mU /bin/sh -c "sleep 5" & /bin/sh -c "sleep 1; cd /proc/$!/cwd; realpath .; kill -9 $!"

The output must contain the string "(unreachable)" before '/':

[1] 12345
(unreachable)/home/user

tool.so

Options are passed via Environment variables:

TRACE_DEBUG=1  - Value for printing debug information (Default: 0)
STACK_SIZE=100 - Size output data of stack (Default: 100)

How to run:

$ make
$ cp /bin/umount .
$ LD_PRELOAD="$(realpath tool.so)" TRACE_DEBUG=1 STACK_SIZE=100 ./umount /root

More

https://www.halfdog.net/Security/2017/LibcRealpathBufferUnderflow/

About

Tools for get offsets and adding patch for support i386

Topics

security cve cve-2018-1000001

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages