oddflux

Found something..

42 posts in this topic

Well, most of you that know me know that I've kept away from forums/communities and such things for a short while now. I've been busy with other things; recently, I found a remotely exploitable vulnerability in the Linux 2.6.15 kernel. (I intend to remain nondisc about it.) However, the issue now is what I should do regarding that. Should I

1) Post it on some secfocus or something

OR

2) Should I stfu about it and keep my shit nondisc?

Responses would be considered valuable. :)

Edited by oddflux

#1 would be the proper thing to do.


IMO, you can either keep it as a trademark hack for the upcoming wargame, OR, go ahead and release it to secfocus so I can get my box all patched up. Type of vulnerability? I'm guessing remote code execution, but is it a buffer overflow, or...?


#1


Fuck non disc.

The notion that not disclosing vulnerabilities keeps people safe is a myth, and you're propagating it. Keeping vulnerabilities secret is identical to security through obscurity, which is a 'bad thing'.

Nondisc is for people that stand to lose money. Full disc is a step in the right direction. Hackers should believe in openness.

Have faith in the community; the Linux kernel hackers will have a fix before anything happens. The reason full disclosure lists exist is because people believe in open source communities. That's a 'good thing'.

And venom: keep it for the wargame? dood... it shows a lot about a person who can have ideas that are utterly selfish.

don't keep it for the wargame dood.

Edited by edocpord

Why not try secret option #3:

Contact the people in charge on the Linux Kernel Mailing List - aka the people that hack the code every day and have the power to get it fixed faster than anybody else - and tell them what you know?

That way, they can fix it in the current branch of the kernel, but disclose the vulnerability that is still in the older versions and let everybody know they need to update. And that way not only have you done a good deed, but you get props from everybody at the same time.

The best of both worlds.

Edited by feverdream
Why not try secret option #3:

Contact the people in charge on the Linux Kernel Mailing List - aka the people that hack the code every day and have the power to get it fixed faster than anybody else - and tell them what you know?

I agree 100%. Only contact securityfocus and other outlets *IF* they don't fix it in a timely manner (which they hopefully will).


Well, if it will work with gibson linux 5.0, why don't you just hack some dewd's garbage file??

Seriously kids, disclose to the proper people (kernel authors?) and if they don't do anything within a reasonable amount of time, take a megaphone and stand on the street corner and tell everyyyyyyyyyyyone.

Why not try secret option #3:

Contact the people in charge on the Linux Kernel Mailing List - aka the people that hack the code every day and have the power to get it fixed faster than anybody else - and tell them what you know?

That way, they can fix it in the current branch of the kernel, but disclose the vulnerability that is still in the older versions and let everybody know they need to update. And that way not only have you done a good deed, but you get props from everybody at the same time.

The best of both worlds.

QFMFT


Well, tell the kernel managers about it. AND use it for the wargame. If whoever runs it doesn't get it patched if a patch is released in time, then it's fair game.

Question though, is it only 2.6.x that's affected, or 2.4 as well?


i've learnt 2 important things today:

1) nothing is ever secure

2) my tv is broke

Edited by oddflux

Well, let's see, they probably released a patch for this already, since the kernel was patched two days or so after it came out.

i've learnt 2 important things today:

1) nothing is ever secure

2) my tv is broke

Is your tv running the 2.6.15 kernel by chance?

:P

i've learnt 2 important things today:

1) nothing is ever secure

2) my tv is broke

Is your tv running the 2.6.15 kernel by chance?

:P

Are you implying that linux breaks? Blasphemy!!! (Yes, I'm making fun of linux.)


If you post what you find, it will no longer work. That's not cool. Screw those asshole "whitehats". Have a little fun with it. Not too much fun mind you, but a little.


Write up a paper on it, take some credit, and they'll end up patching it. -_-


Nah, I'll probably write a few more exploits, find a few more vulns in a few more apps, and own a few more boxes, then I'll irc from microsoft.com and you'll all ask me for accts, and I'd sell them at $50 a pop. :D

Nah, I'll probably write a few more exploits, find a few more vulns in a few more apps, and own a few more boxes, then I'll irc from microsoft.com and you'll all ask me for accts, and I'd sell them at $50 a pop. :D

A linux exploit would not work on a MS Network.


I say don't disclose it. In the end more systems end up getting hacked and ruined by kiddies who use those who post on full disclosure sites. Sure, you and your buddies might hack a few sites, but if you released it to the public, there could be tens of thousands of machines hacked by people who have no ethics and only care about ruining machines, thereby giving hackers a bad rep. And knowing our media, we don't need any more negatives coming out of the community that their corporate minds can feed on.

In a nutshell, you can:

1. Release it to the public. It will get patched pretty quickly and many people will update their kernels. Hundreds, maybe thousands (depending on the severity), of kiddies will also have access to this code and hack any/every system they can, probably backdooring these systems, installing psybnc, or rm -rf /'ing the box, just so they can get the ego power out of knowing they can own something.

2. Keep it private between yourself and maybe a few friends. This exploit might not ever be fixed, so no one will know about it and all the computers running the particular set of software will be vulnerable. However, unless you created some nasty worm (not recommended), then you would in reality only hack a handful of systems with it. Also, the systems that you would hack would probably not be destroyed (I'm assuming you have some ethics.)

So:

If you release it, it will get fixed fast, many people will eventually update, and many machines will be hacked and possibly destroyed by people who have no business having the exploit.

If you don't release it, it will go unnoticed for a long while, you and your buddies could own just about any system with whatever kernel is vulnerable, and you would probably just hack a handful of systems WITHOUT destroying them. Sure, it wouldn't get patched, but thousands of kids who just want to destroy anything they can get access to won't be able to act out their wannabe-hacker fantasies.

If I were you, I'd choose non-disclosure.

Edited by dominatus

Make your own patch for it, give it to us and then go wild. Just without the going wild part. But saving it for the wargame is a good plan.

u shuld maek a virus

LOL


First off, good job.

I go for Option #3: tell the kernel hackers. Why not be open with the kernel hackers, your brothers in arms?

They might give you props publicly. I cannot believe I'm pimping again. Take a look at the diff -u in Linux Journal. They talk about kernel development there. Most of the people who are known for finding sploits tell the company and give them a chance to fix it before they go public. For example, look up Joshua Wright.
