Core Pattern
You can give the kernel a crash handler, which will be executed if a segfault happens. Ubuntu uses that to launch and you can hijack this feature to have your root shell executed:
You can now connect to localhost on port 31337 to get a root shell. Of course, you could also launch connect-back shells or any other malicious program.
To counter this threat, you might want to read the core_pattern file or, if in doubt, erase the crash handler:
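One way to script that check, as an added example that is not code from the original page: it reads `/proc/sys/kernel/core_pattern`, extracts the program a `|` pattern pipes to, and compares it against an allowlist. The function names and the allowlist contents are assumptions to adapt to your distribution.

```shell
#!/bin/sh
# Added example: audit kernel.core_pattern for an unexpected pipe handler.
# ALLOWED is an assumed allowlist of crash handlers; adjust it per distribution.
ALLOWED="/usr/share/apport/apport /usr/lib/systemd/systemd-coredump /lib/systemd/systemd-coredump"

# Print the program path when the pattern pipes to a handler, else print nothing.
core_pattern_handler() {
    case "$1" in
        "|"*)
            p=${1#|}
            # Tolerate spaces between the pipe character and the path.
            while [ "${p# }" != "$p" ]; do p=${p# }; done
            # The first space-separated word is the program; the rest are arguments.
            printf '%s\n' "${p%% *}" ;;
    esac
}

# Print "file", "pipe-known" or "pipe-unknown"; return 1 only for pipe-unknown.
classify_core_pattern() {
    case "$1" in
        "|"*) ;;
        *) echo "file"; return 0 ;;
    esac
    handler=$(core_pattern_handler "$1")
    for ok in $ALLOWED; do
        if [ "$handler" = "$ok" ]; then echo "pipe-known"; return 0; fi
    done
    echo "pipe-unknown"
    return 1
}

# Audit the live setting, or a file given as $1 (useful for offline images).
audit_core_pattern() {
    file=${1:-/proc/sys/kernel/core_pattern}
    pattern=$(cat "$file") || return 2
    verdict=$(classify_core_pattern "$pattern") || true
    echo "core_pattern: $pattern -> $verdict"
    if [ "$verdict" = "pipe-unknown" ]; then
        echo "Unexpected crash handler: $(core_pattern_handler "$pattern")"
        echo "Inspect it, then reset as root: sysctl -w kernel.core_pattern=core"
        return 1
    fi
}

# Run the audit only when invoked as: sh script.sh --audit
if [ "${1:-}" = "--audit" ]; then audit_core_pattern; fi
```

Check `/etc/sysctl.conf` and `/etc/sysctl.d/` for a `kernel.core_pattern` entry as well, since a value set there is reapplied at boot after a manual reset.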