@ Jeffrey Walton
thx for the references
@ Wiliam Steck
what OS you tested on ? 'n kernel security feature you use
try make program exec /bin/sh 'n setuid it to root
On 8/28/12, Wiliam Steck <codeinject...@gmail.com> wrote:
> this will only work if the desired user is in sudo and has permissions to
> execute as root.
> Otherwise, this post was a huge troll to get traffic to the website this
> article is hosted on.
>
> [20101:20100 - 0:501] 02:31:36 [nethic@nekobus:/dev/pts/9 +1] ~
> $ fakeroot
>
> [20209:20194 - 0:501] 02:31:39 [root@nekobus:/dev/pts/9 +3] ~
> $ ls /root
> ls: cannot open directory /root: Permission denied
>
> [20209:20194 - 0:502] 02:31:47 [root@nekobus:/dev/pts/9 +3] ~
> $ python
> Python 2.7.3 (default, Apr 20 2012, 22:39:59)
> [GCC 4.6.3] on linux2
> Type "help", "copyright", "credits" or "license" for more information.
>>>> import os
>>>> os.system("sudo su")
> ERROR: ld.so: object 'libfakeroot-sysv.so' from LD_PRELOAD cannot be
> preloaded: ignored.
> [sudo] password for nethic:
> Sorry, try again.
> [sudo] password for nethic:
> Sorry, try again.
> [sudo] password for nethic:
> Sorry, try again.
> sudo: 3 incorrect password attempts
> 256
>>>> os.system("touch /root/test")
> touch: cannot touch `/root/test': Permission denied
> 256
>
> Better luck next time <3 <3 <3
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
