On Wed, 25 Feb 2004, Rodrigo Rubira Branco wrote: > I attached in this mail one vuln.c program and one exploit.c to > demonstrate the shellcode calls to setuid(0) and gain root privilegies...
You're doing seteuid, not setuid. set*e*uid is known to be exploitable, being able to re-retrieve the privileges through shellcode. Or was there something I missed? -- Pekka Savola "You each name yourselves king, yet the Netcore Oy kingdom bleeds." Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings - This is the TCPDUMP workers list. It is archived at http://www.tcpdump.org/lists/workers/index.html To unsubscribe use mailto:[EMAIL PROTECTED]
