FLOKKEN README

flokken.c is an exploit against FreeBSD kernels that are not patched
against the shmat issue. Due to the nature of the bug it takes about 10
hours to trigger, so it was prepared to be dropped into cron.
plemp.sh is a tiny shell script that will add it as a cronjob to be run in
the next minute. Make sure you delete the job after you are done, otherwise
it will run again every day at the time of adding (I was too lazy to put
that in).

Please note that the target has to have procfs mounted at /proc for any of 
this crap to work. I have an idea to get the information needed from 
another source but I still have to do some research on it; this will also
make it easy to exploit on NetBSD and ancient versions of OpenBSD.

Just do a 'make' in the 'flokken' directory to compile.

Example:

./plemp.sh "/home/pork/flokken -s" (for a cronjob in the next minute)
./flokken (this will do it in the current shell and will be more verbose)

After the exploit has succeeded, a suid copy of /bin/sh will be placed at
/tmp/flop, after which you can remove /tmp/jobfile.
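
From the defender's side, the artifacts named above (procfs mounted at /proc,
a setuid file at /tmp/flop, the leftover /tmp/jobfile) can be checked for with
a short script. This is an added example, not part of flokken; the function
names and the ROOT argument are assumptions, and it goes slightly beyond the
README by flagging any setuid file under /tmp, not only /tmp/flop.

```sh
#!/bin/sh
# Added example, not part of flokken. /proc, /tmp/flop and /tmp/jobfile come
# from the README; function names and the ROOT argument are assumptions.

# Reads a mount table on stdin; succeeds if procfs is mounted at /proc.
# Assumes FreeBSD mount(8) lines such as "procfs on /proc (procfs, local)".
procfs_on_proc() {
    grep -q '^procfs on /proc '
}

# Lists setuid regular files under directory $1. A file byte-identical to
# the shell $2 is reported as SUID-SHELL-COPY, anything else as SUID.
suid_files_in() {
    find "$1" -type f -perm -4000 2>/dev/null | while IFS= read -r f; do
        if cmp -s "$f" "$2"; then
            echo "SUID-SHELL-COPY $f"
        else
            echo "SUID $f"
        fi
    done
}

# Prints findings for the tree rooted at $1 ("" = live system, or the mount
# point of a disk image). Returns 0 when clean, 1 when anything was found.
check_host() {
    findings=$(
        suid_files_in "$1/tmp" "$1/bin/sh"
        if [ -e "$1/tmp/jobfile" ]; then echo "JOBFILE $1/tmp/jobfile"; fi
    )
    if [ -z "$findings" ]; then return 0; fi
    printf '%s\n' "$findings"
    return 1
}

# Live run: sh check.sh --scan [ROOT]
if [ "${1:-}" = "--scan" ]; then
    if mount | procfs_on_proc; then echo "NOTE procfs is mounted at /proc"; fi
    check_host "${2:-}"
fi
```

A non-zero exit status from the --scan run means at least one artifact was
found; the crontab of the affected user should be reviewed as well.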
