Thread
:
[N950] Infodump Thread
View Single Post
javispedro
2011-08-09 , 19:43
Posts: 2,355 | Thanked: 5,249 times | Joined on Jan 2009 @ Barcelona
#
9
The fact that Qole was able to modify the file at all made me realize the file is not protected or hashed. Something that is so ridiculous I did not even previously consider. Congratulations Hawaii, you found the first Aegis "hole" (note: it's so large I believe it may be intentional -- you probably can only modify the file in developer mode).
Therefore, Aegis is now
partially defeated
-- I am now running the stock kernel in non-enforcing mode. That is, to my knowledge, the nearest thing to open mode that exists: I can run arbitrary binaries as root, I can load new kernel modules, and I can even reenable Aegis if I wanted to.
Last edited by javispedro; 2011-08-09 at
19:55
.
Quote & Reply
|
The Following 6 Users Say Thank You to javispedro For This Useful Post:
fw190
,
hawaii
,
joerg_rw
,
kate
,
marxian
,
MohammadAG
javispedro
View Public Profile
Send a private message to javispedro
Visit javispedro's homepage!
Find all posts by javispedro