Hack

Local root exploit in Linux kernel 2.6.17 to 2.6.24.1

Pretty scary stuff, even if you trust all of your users:

victor@mercury ~ $ ./exploit
-----------------------------------
 Linux vmsplice Local Root Exploit
 By qaaz
-----------------------------------
[+] mmap: 0x100000000000 .. 0x100000001000
[+] page: 0x100000000000
[+] page: 0x100000000038
[+] mmap: 0x4000 .. 0x5000
[+] page: 0x4000
[+] page: 0x4038
[+] mmap: 0x1000 .. 0x2000
[+] page: 0x1000
[+] mmap: 0x2ac3dee3c000 .. 0x2ac3dee6e000
[+] root
mercury ~ # whoami
root

Read more

Upgrading a 1.0.2 iPhone to 1.1.1 Painlessly on Windows

I’ve been mulling over upgrading my iPhone’s firmware to 1.1.1 for the last few weeks but have been put off by the complexity of it. All the tools and steps had been outlined so it was merely just running through the steps, but there were a ton of them, and it seemed like more of a pain in the ass than it was worth. Well, the hacker community has come through again with a easy solution, and now the 1.
Read more

iPhone owned

This is the first time I’ve been back in the States since the iPhone was released, and after getting a chance to play with one yesterday, I decided I had to go out and buy one today. The problem is that AT&T-locked JesusPhone doesn’t work in Germany without a little bit of hackery, and Apple’s just-released-last-week 1.1.1 firmware is reported all over the internet to brick hacked iPhones. Would an AT&T store in Mount Pleasant, SC turn over so many iPhones that they would already be selling boxed 1.
Read more

Self balancing pendubot

That’s my friend Tim with our final project as Clemson EE students back in 2004. We were given a computer running QNX and told to build a pendubot: The Pendubot is a two-linked inverted pendulum actuated by a single motor. The links are connected to each other by a rotational joint, and the base of one link is connected to the motor. Control of the Pendubot is available only at the base of one of the links, thus the challenge of the project is to balance the top link by only the bottom link.
Read more