Home

bash-door

Ma, 02/10/2007 - 12:01 — OeX
descripcion: 

How-To Use the Bash door.

To get root privileges back you need two files to exist.

These files act like a password.

/tmp/mcliZokhb - if Exist then :

/tmp/mclzaKmfa - program to be set +s

What we do here is make a file "touch" called /tmp/mcliZokhb

and either copy /bin/sh to /tmp/mclzaKmfa, or use Trogan to make

a secure password protected shell.

Bash will set /tmp/mclzaKmfa suid when /tmp/mcliZokhb exists.

If /tmp/mcliZokhb doesnt exist then bash will do nothing.

WARNING: It is very unsafe to leave a suid shell in /tmp, where

any user can run it! So use the one supplied with Trogan called

SeCshell.

This backdoor has one flaw. The backdoor will only work when a user

with uid/gid 0(root) logs in.

AdjuntoTamaño
bash-door.tar.gz2.37 KB
  • 171 lecturas

Comentarios

Enviar un comentario nuevo

  • Saltos automáticos de líneas y de párrafos.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd> <img> <p> <br>
  • You may post code using <code>...</code> (generic) or <?php ... ?> (highlighted PHP) tags.

Más información sobre opciones de formato

CAPTCHA
This question is for testing whether you are a human visitor and to prevent automated spam submissions.
Image CAPTCHA
Copy the characters (respecting upper/lower case) from the image.