The quick summary of this backdoor is:
- Register a protocol handler for an unused IP protocol number .
- Call usermodhelper to execute the payload of the packet (skb->data).
- Remote system now executes any command that you send it as root.
Further investigations reveal that this is due to us calling a sleepy method from an atomic one... call_usermodhelper will eventually call wait_for_common which sleeps. You do not want to sleep in an ISR routine.
The fix for this is to use a deferrable; we need to stop working in an interrupt context and schedule the non atomic work for future processing.
One possible solution is to use work queues for deferrable work. Here's an example implementation in github using work queues.
And here's an example session:
888 Casino & Resort Reviews, Ratings & Specials
ReplyDelete888 Casino 서산 출장샵 & 김제 출장샵 Resort: A Gambling & Gaming destination, you'll never forget the excitement and excitement of 대구광역 출장마사지 Las Vegas, Nevada. The 대구광역 출장샵 world's largest Gambling 1xbet app Rating: 4.3 · Review by Dr.