问题来源:
一个exploit的description信息
Target offsets are available for: Ubuntu 16.04 kernels 4.4.0 <= 4.4.0-116-generic; and Ubuntu 16.04 kernels 4.8.0 <= 4.8.0-54-generic.
This exploit does not bypass SMAP. Bypasses for SMEP and KASLR are included. Failed exploitation may crash the kernel.
This module has been tested successfully on various 4.4 and 4.8 kernels.
而我安装的Ubuntu 16.04.6 内核版本为4.15.0-45
解决方法:
把内核替换成4.4版本, 随便选了个4.4.0-112
不同发行版的Linux可以安装的内核是不一样的,用这个命令来查看:
apt-cache search linux-headers
invincible@ubuntu:~/Desktop$ apt-cache search linux-headers|more
linux-headers-4.4.0-21 - Header files related to Linux kernel version 4.4.0
linux-headers-4.4.0-21-generic - Linux kernel headers for version 4.4.0 on 64 bit x86 SMP
...
安装内核
sudo apt-get install -y linux-headers-4.4.0-112-generic linux-image-4.4.0-112-generic linux-image-extra-4.4.0-112-generic
安装好后文件 /boot/grub/grub.cfg 中会多出相关信息:
invincible@ubuntu:~/Desktop$ grep menuentry /boot/grub/grub.cfg
...
menuentry 'Ubuntu, with Linux 4.4.0-112-generic' --class ubuntu --class gnu-linux --class gnu --class os $menuentry_id_option 'gnulinux-4.4.0-112-generic-advanced-be32b57e-8bed-4745-8252-9f3230f0c134' {
menuentry 'Ubuntu, with Linux 4.4.0-112-generic (upstart)' --class ubuntu --class gnu-linux --class gnu --class os $menuentry_id_option 'gnulinux-4.4.0-112-generic-init-upstart-be32b57e-8bed-4745-8252-9f3230f0c134' {
menuentry 'Ubuntu, with Linux 4.4.0-112-generic (recovery mode)' --class ubuntu --class gnu-linux --class gnu --class os $menuentry_id_option 'gnulinux-4.4.0-112-generic-recovery-be32b57e-8bed-4745-8252-9f3230f0c134' {
...
修改配置文件/etc/default/grub:
vim /etc/default/grub
GRUB_DEFAULT=0
修改为:
GRUB_DEFAULT="Advanced options for Ubuntu>Ubuntu, with Linux 4.4.0-21-generic"
保存配置文件,并使其生效:
sudo update-grub
重新启动后查看内核版本:
invincible@ubuntu:~/Desktop$ uname -a
Linux ubuntu 4.4.0-112-generic #135-Ubuntu SMP Fri Jan 19 11:48:36 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
invincible@ubuntu:~/Desktop$ cat /etc/issue
Ubuntu 16.04.6 LTS \n \l
invincible@ubuntu:~/Desktop$