Share

Question

I was practicing exploiting linux executables with shellcode when after a while i things start breaking with

Execle: Exec format error

After reboot droplet didn’t connect to internet. From dash board console I ran following commands.

$cat /var/mail/root says:
/bin/sh: execle: Exec format error

$ sudo service network-manager restart
sudo: unable to execute /usr/sbin/service: Exec format error

$ sudo update-grub
sudo: unable to execute /usr/sbin/update-grub: Exec format error

I think i corrupted the kernel, please help!!

Answer 1

Woet December 14, 2017

Make sure your kernel matches your architecture or just restore from your backup / reinstall.

Reply Report

drs5ma December 14, 2017

I have not had backups enabled and i have no network access to reinstall, unless there is a way to rebuild kernel without network access?

$ uname -r
4.4.0-103-generic

How do i tell if this matches my architecture?
Reply Report
- Woet December 14, 2017
  
  Why don’t you just reinstall the droplet?
  
  Reply Report
  
  drs5ma December 14, 2017
  
  I dont want to lose my files
  
  Reply Report
  
  Woet December 14, 2017
  
  Why are you playing with the kernel on an important droplet without backups?
  
  Reply Report
  
  drs5ma December 14, 2017
  
  I’ve never had problem with this before. I was simply running shellcode on executable, I thought process isolation should prevent from overwriting important kernel code
  
  Reply Report
  
  Woet December 14, 2017
  
  You can open a ticket and ask for rescue mode, then backup your files and reinstall.
  
  Reply Report
  
  drs5ma December 14, 2017
  
  the files modified during the last 7 days in the
  /lib/modules/4.4.0-103-generic
  directory were ~10 files of prefix ./modues
  ./modules.symbols
  ./modules.symbols.bin
  ./modules.symbols.alias.bin
  ./modules.softdep
  
  I still dont know what changes were made to these files or if it was benign and unrelated.
  
  Reply Report
  
  drs5ma December 14, 2017
  
  Also:
  The kernel for this Droplet is managed internally and cannot be changed from the control panel.
  
  Reply Report

Answer 2

drs5ma December 14, 2017

I have not had backups enabled and i have no network access to reinstall, unless there is a way to rebuild kernel without network access?

$ uname -r
4.4.0-103-generic

How do i tell if this matches my architecture?
Reply Report
- Woet December 14, 2017
  
  Why don’t you just reinstall the droplet?
  
  Reply Report
  
  drs5ma December 14, 2017
  
  I dont want to lose my files
  
  Reply Report
  
  Woet December 14, 2017
  
  Why are you playing with the kernel on an important droplet without backups?
  
  Reply Report
  
  drs5ma December 14, 2017
  
  I’ve never had problem with this before. I was simply running shellcode on executable, I thought process isolation should prevent from overwriting important kernel code
  
  Reply Report
  
  Woet December 14, 2017
  
  You can open a ticket and ask for rescue mode, then backup your files and reinstall.
  
  Reply Report
  
  drs5ma December 14, 2017
  
  the files modified during the last 7 days in the
  /lib/modules/4.4.0-103-generic
  directory were ~10 files of prefix ./modues
  ./modules.symbols
  ./modules.symbols.bin
  ./modules.symbols.alias.bin
  ./modules.softdep
  
  I still dont know what changes were made to these files or if it was benign and unrelated.
  
  Reply Report
  
  drs5ma December 14, 2017
  
  Also:
  The kernel for this Droplet is managed internally and cannot be changed from the control panel.
  
  Reply Report

Answer 3

ryanpq December 14, 2017

Your best option will likely be to reach out to the support team via a ticket. They can boot your droplet into a recovery environment. This is a Debian based LiveCD image which will allow you to boot your droplet and mount it’s normal disk to make changes, chroot into your disk if needed, or start a temporary SFTP service to copy out needed files. The image must be mounted and removed by the support team and your droplet would then be accessible from the console in the control panel.

Reply Report

Question

Corrupted Kernel

Leave a comment

Looking for something else?

Share

Share your Question

Question

Corrupted Kernel

Leave a comment

Related

question

No internet/connection after droplet reboot

question

At certain times my server gets pretty slow. But RAM and CPU are fine!

question

CentOS 7 /etc/hosts vs /etc/cloud/templates/hosts.*.tmpl?

question

Checking monthly bandwidth usage

Looking for something else?

Almost there!