Immunity, Inc.
Name maptrace
CVE CVE-2013-2171
Exploit Pack CANVAS
Description maptrace: MMAP/PTRACE privilege escalation
Notes CVE Name: CVE-2013-2171
VENDOR: Intel, FreeBSD
Notes:
Tested on FreeBSD 9.0-RC3 and FreeBSD 9.0-RELEASE* AMD64

To test this exploit from CANVAS, use the ./backdoors/mosdef_callbacks/mosdef_callback_fbsd9_i386
callback binary to establish a BSD node on a universal CANVAS listener. Then run the maptrace
module against this node to elevate your privileges on the node. This should work on FreeBSD
9.0-RELEASE* amd64 on 64-bit Intel processors. Note that this will not spawn a new node; it
keeps the existing node connection with elevated privileges.

Alternatively, you can use the Resources/x binary outside of the framework.

$ uname -a
FreeBSD freebsd90 9.0-RELEASE FreeBSD 9.0-RELEASE #0: Tue Jan 3 07:46:30 UTC 2012 root@farrell.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC amd64
$ id
uid=1001(immunity) gid=1001(immunity) groups=1001(immunity)
$ ./x
[***] FeeBSD amd64 local r00t - MMAP/PTRACE [***]
# id
uid=0(root) gid=0(wheel) groups=0(wheel)
#


Repeatability: Infinite
References: http://www.freebsd.org/security/advisories/FreeBSD-SA-13:06.mmap.asc
CVE Url: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2171
