Ellingson

@Phase said:

@meowzilla said:

@Saiyajin said:

Need some help with root part. Currently, I’m fighting with “EOF Error”. Can anyone help me?

Same problem here. The exploit works on my local machine. But when I used it on the target machine, it ended with “Got EOF while reading interactive”. Can anyone help? Thanks a lot.

Since this seems to be the part everyone gets stuck at, I’ll chime in. I had this same problem. Worked on it for 4 days without making progress, but I finally got it.

If you’re popping a shell locally, it is because you’re a root user. Now the file has the ABILITY to be run as a root user, but you need to somehow call that function to invoke it in your exploit. If you follow the ippsec video you should be good with a minor change in stage two. I would even recommend spinning up an Ubuntu machine with the same privileges as the box. If you can get it to work there, you can get it to work on the machine.

I hope I haven’t spoiled too much. What I would really urge you to do is watch the ippsec video a few times before actually attempting it, then go learn about BOFs and how they actually work.

Once you know that, you can actually use gdb to debug the program and see what’s actually getting pushed into rdi, etc.

Good luck!

Thanks a lot. This hint helped!