Upload File

chroot zutao zhu 10/30/2009. outline task 1 - 4 hard link ln ab.txt cd.txt

  • Home
  • Documents
  • Chroot Zutao Zhu 10/30/2009. Outline Task 1 - 4 Hard Link ln ab.txt cd.txt
14
Chroot Zutao Zhu 10/30/2009

Upload: bernice-atkinson

Post on 18-Dec-2015

212 views

Category:

Documents


0 download

Report

TRANSCRIPT

Page 1: Chroot Zutao Zhu 10/30/2009. Outline Task 1 - 4 Hard Link ln ab.txt cd.txt

Chroot

Zutao Zhu

10/30/2009

Page 2: Chroot Zutao Zhu 10/30/2009. Outline Task 1 - 4 Hard Link ln ab.txt cd.txt

Outline

• Task 1 - 4

Page 3: Chroot Zutao Zhu 10/30/2009. Outline Task 1 - 4 Hard Link ln ab.txt cd.txt

Hard Link

• ln ab.txt cd.txt

Page 4: Chroot Zutao Zhu 10/30/2009. Outline Task 1 - 4 Hard Link ln ab.txt cd.txt

Symbolic Link

• ln -s ab.txt cd.txt

Page 5: Chroot Zutao Zhu 10/30/2009. Outline Task 1 - 4 Hard Link ln ab.txt cd.txt

File Descriptor

• How does file descriptor be used?– Capability!

• Use chroot() after fopen()– Then fgetc()

Page 6: Chroot Zutao Zhu 10/30/2009. Outline Task 1 - 4 Hard Link ln ab.txt cd.txt

chroot and chroot()

• Read chroot command manual page and chroot() function manual page.– http://ss64.com/bash/chroot.html– http://linux.die.net/man/2/chroot

• Think of the following behavior after chroot command and chroot() function

• http://www.kegel.com/crosstool/current/chrootshell.c

http://ss64.com/bash/chroot.html
http://linux.die.net/man/2/chroot
Page 7: Chroot Zutao Zhu 10/30/2009. Outline Task 1 - 4 Hard Link ln ab.txt cd.txt

How does su work?

• What files does su use when authenticating users?

• http://www.linuxdocs.org/HOWTOs/User-Authentication-HOWTO/x101.html

http://www.linuxdocs.org/HOWTOs/User-Authentication-HOWTO/x101.html
http://www.linuxdocs.org/HOWTOs/User-Authentication-HOWTO/x101.html
Page 8: Chroot Zutao Zhu 10/30/2009. Outline Task 1 - 4 Hard Link ln ab.txt cd.txt

Get out with root privilege

• Get the root privilege within the jail

• Copy a shell to the jail

• Chown the shell to root

• Chmod the shell to be set-uid

• Prepare passwd and shadow files

• Run the program from outside of the jail

Page 9: Chroot Zutao Zhu 10/30/2009. Outline Task 1 - 4 Hard Link ln ab.txt cd.txt

Break out of a chroot jail

• Background knowledge– Current working directory– Root directory

• Most implementations of chroot() not changing the working directory of the process to within the directory the process is now chroot()ed in.

Page 10: Chroot Zutao Zhu 10/30/2009. Outline Task 1 - 4 Hard Link ln ab.txt cd.txt

Break out of a chroot jail

• Strategy– Open the current working directory – Create a temporary directory in its current working

directory – Change the root directory of the process to the

temporary directory using chroot(). – Perform chdir("..") calls many times to move the

current working directory into the real root directory. – Change the root directory of the process to the

current working directory, the real root directory, using chroot(".")

Page 11: Chroot Zutao Zhu 10/30/2009. Outline Task 1 - 4 Hard Link ln ab.txt cd.txt

Kill a process

• The user inside the jail knows the pid of a process running outside of the jail

• chroot(), chdir(), kill(pid, SIGKILL)

Page 12: Chroot Zutao Zhu 10/30/2009. Outline Task 1 - 4 Hard Link ln ab.txt cd.txt

Bonus question

• “Using ptrace allows you to set up system call interception and modification at the user level. “, quoted from http://www.linuxjournal.com/article/6100

• http://www.lxhp.in-berlin.de/lhpsysc0.html

Page 13: Chroot Zutao Zhu 10/30/2009. Outline Task 1 - 4 Hard Link ln ab.txt cd.txt

How to secure chroot()

• discussion

Page 14: Chroot Zutao Zhu 10/30/2009. Outline Task 1 - 4 Hard Link ln ab.txt cd.txt

Reference

• http://www.bpfh.net/simes/computing/chroot-break.html

• http://ss64.com/bash/chroot.html

• http://linux.die.net/man/2/chroot

• http://www.linuxdocs.org/HOWTOs/User-Authentication-HOWTO/x101.html


A Digital Anthology of Early Modern English Drama...ln 0007 ln 0008 ln 0009 ln 0010 img: 3a sig: A3v ln 0001 ln 0002 ln 0003 ln 0004 ln 0005 ln 0006 ln 0007 ln 0008 ln 0009. Me mea

DIRECTIONAL DISTIBUTION 51-49% TRAFFIC VOLUME DIAGRAM€¦ · ln ln ln 12’ ln ln ln 2.50% sh ln aux ln sh sh managed lanes ln ln ln 4’ sh 14’ ln pgl 8’ g.p. lanes 2.50% 12’

unit 5 formula review sheetpricemathteacher.weebly.com/.../unit_5_formula_revie… ·  · 2016-01-04Log/Exponent Properties: ln(1)=0&&&&& &ln(e)=1&& ln(an)=&n*ln(a)& & ln(ab)=ln(a)+ln(b)

Infor LN Development Tools Development Guide · LN software environment ... 202 Chapter 10 LN Reporting Overview.....205 LN Reporting Overview

É M Øq É& t × üw É 1;~61; w ¦ q É M Ø × üw à ¬ Ý K Ta ¬ Ý...÷ : ý LN LN LN LN LN LN LN LN LN f ? &ZÞËj C ? t t à G > à à ¤ à ô ¿ à Ë > à Æ æ à å ¿

ACCESSORIOS Magnum Pistolas semiautomáticas...Lincoln Electric ® Serie LN-7, LN-8, LN-9, LN-25 [Alambre de hasta .052 pulg. (1.4 mm)] K489-1 Serie LN-8, LN-9, LN-25 [Alambre de 1/16

Saving Your Ass(ets) with chroot

A Digital Anthology of Early Modern English Drama · 2017-07-21 · img: 1b sig: A2r ln 0001 ln 0002 ln 0003 ln 0004 ln 0005 ln 0006 ln 0007 ln 0008 ln 0009 ln 0010 ln 0011 ln 0012

National Energy Research Scientific Computing Center (NERSC) CHOS - CHROOT OS Shane Canon

ATTENTION FISHERMEN & HUNTERS LEGEND · Green Lawn Ln. Monroe Trail Ln. Delaware Ln. Irvine Ln. Adams Trail Truman Ln. Clarence Cannon Ln. Fr azer Rd. Ha ... 556 567 543 573 344 390

APPROXIMATE DURATION 6 MONTHS N - NHSLS · amar dr s rd uck dr or hill majors ln lambskin ln cre rd old dobbin ln ck ln y shed ln sohap ln t ln ampfire ook ln blade green ln w th

Ding, Sixin - Cong Chutu Zhu Shu Zonglun 'Zhou Yi' Zhu Wenti

Zhu Darkpool

Using Chroot to Bring Linux Applications to Android · PDF fileUsing Chroot to Bring Linux Applications to Android ... Android Ease package management issues by ... Leverages idea

A Digital Anthology of Early Modern English Drama › sites › default › files › folger...ln 0033 ln 0034 img: 3b sig: A4r ln 0001 ln 0002 ln 0003 ln 0004 ln 0005 ln 0006 ln 0007

320B/320B L/LN 322B L/LN 325B L/LN 330B L/LN 345B Ldizv3061bgivy.cloudfront.net/mmc-assets/pdfs/data_sheets_320_345b... · 320B /L/LN 322B L/LN 325B L/LN 330B L/LN 345B L Cat® engine

Ducted Split (60Hz, R22) - REFRICOIN · LN-0320CC/AC LN-0321CC/AC LN-0420CC/AC LN-0421CC/AC LN-04B0CC/AC LN-C0482SA0 ... • LG Ducted split unit have been rigorously life tested

DNSSEC - WHAT IS IT ? INSTALL AND CONFIGURE IN CHROOT JAIL

Sign-ln Card act r: Sign-ln Card No . Sian-ln Card c

Using Chroot to Bring Linux applications to Android

CHAPTER 7 INTEGRALS AND TRANSCENDENTAL …CHAPTER 7 INTEGRALS AND TRANSCENDENTAL FUNCTIONS 7.1 THE LOGARITHM DEFINED AS AN INTEGRAL 1. dx ln x ln 2 ln 3 ln 2. dx ln 3x 2 ln 2 ln 5

Chw00t: How to break out from various chroot solutions · Chw00t: How to break out from various chroot solutions Balázs Bucsay OSCE, OSCP, GIAC GPEN, ... • Strictly technical certificates:

Xuding Zhu

Securing Apache Web Services with CHROOT · 2018-11-25 · Securing Apache Web Services with CHROOT Motivation I have wanted to set this up for some time, but never had the occasion

Monday to Friday LN LN TW LN WM LN WM LN TW WM LN LN … · Monday to Friday LN LN TW LN WM LN WM LN TW WM LN LN WM LN LN TW LN WM London Euston .... .... .... .... .... ....

A Digital Anthology of Early Modern English Drama...img: 1b sig: A1r ln 0001 ln 0002 ln 0003 ln 0004 ln 0005 ln 0006 ln 0007 ln 0008 ln 0009 ln 0010 ln 0011 ln 0012 ln 0013 ln 0014

Yushen Zhu

NEWCOM DELBRIDGE LN. BROWN’S LN. OXFORD … · ln. thompson ln. 392 392 101 419 101 419 419 rd. rd. lantana st. ln. harding ln. s. main st. st. st. adams w. parkview pl. ln. threet

A Digital Anthology of Early Modern English Drama · ln 0022 ln 0023 ln 0024 ln 0025 img: 3a sig: A3v ln 0026 ln 0027 ln 0028 ln 0029 ln 0030 ln 0031 ln 0032 ln 0033 ln 0034 ln 0035

unit 5 formula review sheet - Mrs. Price's Math Site - HOME€¦ ·  · 2016-01-04Log/Exponent Properties: ln(1)=0&&&&& &ln(e)=1&& ln(an)=&n*ln(a)& & ln(ab)=ln(a)+ln(b) a b b a ln

8-6 Ticket Out Use natural logarithms to solve e –6x = 3.1. -6x = ln 3.1 Solve ln 2 + ln x = 5. ln (2x) = 5 Write 3 ln a – ½ (ln b + ln c 2 ) as a single

Review Day 2 Algebra - Chino Valley Unified School District!=4 c. ln!+ln!=0 d. ln1−ln!=! e. ln6+ln!−ln2=3 d. ln!+5=ln!−1−ln!+1 17. Express y in terms of x. a. ln!=!+2 b. ln!=4ln!+3

 · fernstead ln & westview ter lower ln & sunset ln cindy ln & lower lower ln & smokey hill rd 719 lower ln 198 meadow 1817 orchard rd elizabeth rd & patrick dr metacomet dr & mohawk

y = ln (kx) / ln (k)

Advanced Impressions, Inc · S Advanced Impressions, Inc (P) 714.772.3459 (F) 714.772.2986 Custom Line 2014-2015 LN -KHP LNLN-KSH LN KMH KHO LN KHL LN -KSP LNLN-KSR LN KIR KSC LN-