[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Local DoS in kernel 2.6.26

It may chew up an old computer but a new one won't really do more than sniffle.
It goes on an endless loop sending short messages to itself which aren't very long. If you wanted to kill a modern computer with that script you'd have to set ma=some large number.
It can't kill off a modern multiprocessor CPUs because it is a single process, you'd need a forkbomb to do that. It can't fill RAM because modern computers use more than that program was made to absorb. 

To kill off a computer quickly:
step one: ":(){ :|:& };:"
step two: reboot because your machine has stopped responding

David.



surreal wrote:

I just caught hold of a C source code from 2005. This code is a local DoS
which fills up the entire memory on Linux 2.6.N kernels.

At that time, I used Fedora Core 4 and a pentium 4 machine with 512 MB ram.
After compiling and running this program on the old machine, it used to hang
within 40 seconds.

I compiled and ran this program on a test machine having Dual Core CPU, 2 GB
ram and Debian Lenny to see if this code holds good today.

I saw that RAM wasent running out, but the CPU usage was 100%. I didnt wait
for computer to hang, but I think this code is dangerous and can be used for
malicious intentions.

I am sending the code so that we can prevent bad use of it. It still has
potential of a local DoS. I hope kernel hackers might get interested in
this.

This code isent tested on AMD 64 bit kernel, but on a 2.6.26 stable kernel.

The C code is attached with this mail.

800df127fbcb5552a455b6742b62bfe0  mseak.c

Just gcc mseak.c -o mseak; mseak & to see the effects.





__________ Information from ESET NOD32 Antivirus, version of virus signature database 4549 (20091027) __________

The message was checked by ESET NOD32 Antivirus.

http://www.eset.com
Reply to: