bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/linux/local/35749.txt
Offensive Security d63de06c7a DB: 2022-11-10 
2776 changes to exploits/shellcodes/ghdb
2022-11-10 16:39:50 +00:00

16 lines
No EOL
1 KiB
Text
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

The root user is disabled on Red Star, and it doesn't look like there is a way to enable it.
UnFortunately, they left a big security hole: the Software Manager (swmng.app),
which runs as root through sudo and will install any RPM package, even if unsigned.
To get root, get this RPM package I made into Red Star through an ISO (if you're using a virtual machine) or USB key,
double-click it to open it with the Software Manager, and click through the blue buttons until its done.
After that, run rootsh to get a root shell.
Being a RedHat-based system (hinting on Fedora 15), SELinux will prevent you from doing some things,
but disabling it is a matter of running setenforce 0 as root.
Download: https://mega.co.nz/#!jgBT0RxZ!LQDEBBrbGxE6fag4d_A2C2cWj2PSNR_ZvnSW_UjRD5E
Mirror: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/35749.rpm (redstarroot.rpm)
## Source: http://richardg867.wordpress.com/2015/01/01/notes-on-red-star-os-3-0/ & http://www.openwall.com/lists/oss-security/2015/01/09/1
Reference in a new issue View git blame Copy permalink