This is a walk through to using the recent Linux Local Root for >=2.6.39, 32-bit and 64-bit by zx2c4
First you need to check what kernel the box is running.
# uname -r
In my case under backtrack 5 which is based on Ubuntu that users the kernel 126.96.36.199 which in vulnerable.
I then added a normal user that I would use for the demo
I then logged back in with test account
Then I checked what privileges the account had
Which showed test was not a root enabled account
I then moved from to the Desktop
I then made a folder to store the exploit source in.
Then I moved to mempodipper directory
# cd /mempodipper
Then I downloaded the exploit source from github
Then compiled it
#gcc mempodipper.c -w -o mempodipper
Then ran it
It then gave all its output from the exploit, it was successful as it gave me a root shell
returned root confirming that it worked.
I then added myself to the usergroup root
#sudo adduser test admin
Adding user `test’ to group `admin’ …
Adding user test to group admin
So from a test account you have got a full root account 😀
Then I verified that the user had really been added to the group root
Source used to make this post and an in depth technical explanation of the exploit : http://blog.zx2c4.com/749