[ale] Please Help
Chris Fowler
cfowler at outpostsentinel.com
Thu Mar 28 15:19:18 EST 2002
You bring up a good point. I was showing a friend a very simple
root exploit. Heres how it goes:
1) cp /bin/sh ~/.sh
2) chown root ~./sh
3) chmod 4755 ~/.sh
You have to gain root access once to make it work. Then every time
you log into the machien as a normal user just excute the suid shell.
On old linux distros this trick works. I can not get it to work on
RH 7.2. Not sure why.
Chris
-----Original Message-----
From: Ken Nagorski [mailto:kenn at pcintelligent.com]
To: ale at ale.org
Sent: Thursday, March 28, 2002 3:05 PM
To: ale at ale.org
Subject: [ale] Please Help
Please tell me someone knows how to do this. Here is the problem.
I need to a script SUID form a website. It is a PHP script that calls a
wrapper program written in C and it is set 4755, The script is calls just
runs a system command, actually a courier command, the makealises command.
But I can't get this to work for the life of me. I know that someone has had
of written the script that simplifies system mamagment and then needed to
run a system command when it is finished but HOW?
Uhg - Thanks
Ken
---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be
sent to listmaster at ale dot org.
---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be
sent to listmaster at ale dot org.
More information about the Ale
mailing list