Share

Question

I was practicing exploiting linux executables with shellcode when after a while i things start breaking with

Execle: Exec format error

After reboot droplet didn't connect to internet. From dash board console I ran following commands.

$cat /var/mail/root says:
/bin/sh: execle: Exec format error

$ sudo service network-manager restart
sudo: unable to execute /usr/sbin/service: Exec format error

$ sudo update-grub
sudo: unable to execute /usr/sbin/update-grub: Exec format error

I think i corrupted the kernel, please help!!

Answer 1

Woet December 14, 2017

Make sure your kernel matches your architecture or just restore from your backup / reinstall.

Reply

drs5ma December 14, 2017

I have not had backups enabled and i have no network access to reinstall, unless there is a way to rebuild kernel without network access?

$ uname -r
4.4.0-103-generic

How do i tell if this matches my architecture?
- Woet December 14, 2017
  
  Why don't you just reinstall the droplet?
  
  drs5ma December 14, 2017
  
  I dont want to lose my files
  
  Woet December 14, 2017
  
  Why are you playing with the kernel on an important droplet without backups?
  
  drs5ma December 14, 2017
  
  I've never had problem with this before. I was simply running shellcode on executable, I thought process isolation should prevent from overwriting important kernel code
  
  Woet December 14, 2017
  
  You can open a ticket and ask for rescue mode, then backup your files and reinstall.
  
  drs5ma December 14, 2017
  
  the files modified during the last 7 days in the
  /lib/modules/4.4.0-103-generic
  directory were ~10 files of prefix ./modues
  ./modules.symbols
  ./modules.symbols.bin
  ./modules.symbols.alias.bin
  ./modules.softdep
  
  I still dont know what changes were made to these files or if it was benign and unrelated.
  
  drs5ma December 14, 2017
  
  Also:
  The kernel for this Droplet is managed internally and cannot be changed from the control panel.

Answer 2

drs5ma December 14, 2017

I have not had backups enabled and i have no network access to reinstall, unless there is a way to rebuild kernel without network access?

$ uname -r
4.4.0-103-generic

How do i tell if this matches my architecture?
- Woet December 14, 2017
  
  Why don't you just reinstall the droplet?
  
  drs5ma December 14, 2017
  
  I dont want to lose my files
  
  Woet December 14, 2017
  
  Why are you playing with the kernel on an important droplet without backups?
  
  drs5ma December 14, 2017
  
  I've never had problem with this before. I was simply running shellcode on executable, I thought process isolation should prevent from overwriting important kernel code
  
  Woet December 14, 2017
  
  You can open a ticket and ask for rescue mode, then backup your files and reinstall.
  
  drs5ma December 14, 2017
  
  the files modified during the last 7 days in the
  /lib/modules/4.4.0-103-generic
  directory were ~10 files of prefix ./modues
  ./modules.symbols
  ./modules.symbols.bin
  ./modules.symbols.alias.bin
  ./modules.softdep
  
  I still dont know what changes were made to these files or if it was benign and unrelated.
  
  drs5ma December 14, 2017
  
  Also:
  The kernel for this Droplet is managed internally and cannot be changed from the control panel.

Answer 3

ryanpq MOD December 14, 2017

Your best option will likely be to reach out to the support team via a ticket. They can boot your droplet into a recovery environment. This is a Debian based LiveCD image which will allow you to boot your droplet and mount it's normal disk to make changes, chroot into your disk if needed, or start a temporary SFTP service to copy out needed files. The image must be mounted and removed by the support team and your droplet would then be accessible from the console in the control panel.

Reply

Corrupted Kernel

Leave a Comment

Share

Share your Question

Corrupted Kernel

Leave a Comment

Related Questions

Almost there!