Date: Sat, 17 Nov 2018 13:34:37 +0100 From: Solar Designer <solar@...nwall.com> To: lkrg-users@...ts.openwall.com Subject: Re: LKRG Exploit Detection bypass (LOL) On Sat, Nov 17, 2018 at 10:41:35AM +0400, Ilya Matveychikov wrote: > Fixed. See the latest commit. Now it works :) I haven't tried running this (I'm leaving that for Adam), but now it looks like it'd work - you're actually calling usermodehelper, and you no longer try using a +s shell script. Adam got another bypass using usermodehelper working later yesterday, so this is enough for us to confirm that yes, usermodehelper is a fairly easy bypass vector that we'll consider patching. Thanks! Alexander
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.