Solaris 10 .. Part 5

Welcome to the 5th series in a research effort to divulge the kernel execution vulnerability to gain root privileges via an undisclosed vector in a vulnerable NameFS kernel module, present in Solaris 8, 9, & 10. I was originally only interested in analyzing and exploiting this on Solaris 8. But, MDB debuted on Solaris 8 without kernel debugging support. It debuted with what I call kernel “monitoring” support, but no ability to breakpoint step thru the kernel.. There was also no presence of the tool DTrace, which may prove itself useful as well. For these reasons, I have stepped forward in presenting my system with Solaris 10 over 8. Now I can reap the benefits.

I downloaded and installed Solaris 10 6/06 (2006) SPARC edition from This random FTP
Note: It helps to know naming conventions when searching for antique software. ie. Sol8-x86 you know what I mean?? those kinda naming “standards” keywords can really help if you stumble upon them. I’ll usually find them in the midst of my begin search, then I adapt to the standard and get the goldmine.

Although installing probably would have been smoother over the net-install.. I don’t know how to configure it well.. (don’t get me started)..