RedStar 3.0 Desktop - Privilege Escalation (Software Manager

		当前位置：主页>安全文章>文章资料>Exploits>文章内容

RedStar 3.0 Desktop - Privilege Escalation (Software Manager - swmng.app)

来源：http://richardg867.wordpress.com/2015/01/01/notes- 作者：RichardG 发布时间：2015-01-12

The root user is disabled on Red Star, and it doesn't look like there is a way to enable it.
UnFortunately, they left a big security hole: the Software Manager (swmng.app),
which runs as root through sudo and will install any RPM package, even if unsigned.

To get root, get this RPM package I made into Red Star through an ISO (if you're using a virtual machine) or USB key,
double-click it to open it with the Software Manager, and click through the blue buttons until it’s done.
After that, run rootsh to get a root shell.
Being a RedHat-based system (hinting on Fedora 15), SELinux will prevent you from doing some things,
but disabling it is a matter of running setenforce 0 as root.

Download: https://mega.co.nz/#!jgBT0RxZ!LQDEBBrbGxE6fag4d_A2C2cWj2PSNR_ZvnSW_UjRD5E
Mirror: http://www.exploit-db.com/sploits/redstarroot.rpm

## Source: http://richardg867.wordpress.com/2015/01/01/notes-on-red-star-os-3-0/ & http://www.openwall.com/lists/oss-security/2015/01/09/1

[

推荐] [

评论(0条)] [返回顶部] [打印本页] [关闭窗口]

匿名评论

评论内容：(不能超过250字，需审核后才会公布，请自觉遵守互联网相关政策法规。

§最新评论：

热点文章

·CVE-2012-0217 Intel sysret exp
·Linux Kernel 2.6.32 Local Root
·Array Networks vxAG / xAPV Pri
·Novell NetIQ Privileged User M
·Array Networks vAPV / vxAG Cod
·Excel SLYK Format Parsing Buff
·PhpInclude.Worm - PHP Scripts
·Apache 2.2.0 - 2.2.11 Remote e
·VideoScript 3.0 <= 4.0.1.50 Of
·Yahoo! Messenger Webcam 8.1 Ac
·Family Connections <= 1.8.2 Re
·Joomla Component EasyBook 1.1

推荐广告