Hacker News new | ask | show | jobs
by reiche 4780 days ago
Hm, doubtful.

PS1/ $ w

12:17:27 up 38 days, 17:18, 1 user, load average: 0.44, 0.11, 0.04

USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT

user pts/0 Narnia 07:11 0.00s 0.25s 0.11s w

PS1/ $ uname -a

Linux Rivendell 2.6.32-358.2.1.el6.x86_64 #1 SMP Wed Mar 13 00:26:49 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux

PS1/ $ cat /etc/redhat\-release

CentOS release 6.4 (Final)

PS1/ $ ./a.out

2.6.37-3.x x86_64

sd@fucksheep.org 2010

a.out: sheep.c:81: main: Assertion `p = memmem(code, 1024, &needle, 8)' failed.

Abort(coredump)

PS1/

Seems it is nicely dumped instead of doing weird things in userland.

Under root is doesn't coredump, but returns to the prompt without any hassle.
2 comments
wwdevries 4779 days ago
You get this error when you compile the exploit incorrectly. Compile like this and it works:

  gcc -O2 sheep.c && ./a.out
link
ezdiy 4780 days ago
Either your kernel is patched, or the exploit does not work on your system. It certainly fails without -O2, glance over the code indicates horrible reliance on various UB on how gcc compiles it.

$ grep -A 10 'int perf_swevent_init' linux-2.6.32-358.el6/kernel/events/core.c static int perf_swevent_init(struct perf_event *event) { int event_id = event->attr.config;

if (event->attr.type != PERF_TYPE_SOFTWARE) return -ENOENT;

switch (event_id) { case PERF_COUNT_SW_CPU_CLOCK: case PERF_COUNT_SW_TASK_CLOCK: return -ENOENT;

link