At 01:34 20/09/02, you wrote:
> > -----Original Message----- > > From: Sean Chester [mailto:[EMAIL PROTECTED]] > > Sent: 19 September 2002 10:21 > > To: [EMAIL PROTECTED] > > Subject: RE: [cobalt-security] Local Root exploit > > > > > > > -----Original Message----- > > > Subject: Re: [cobalt-security] Local Root exploit > > > Not sure if this has been posted here yet, but i tried it > > > on a raq4 > > > and it worked. > > > > > > http://www.securiteam.com/exploits/5MP0R0A80K.html > > > I ran this, it does give me a root shell. > > Do I need to clean up after running this? > Any files need deleting to get me back to how I was? > Code on http://www.securiteam.com is normally quite good, then again you never know, just patch the server as it states at the start of the script, and do not let anyone you do not trust to have shell access to the server. The only thing i found was this main() { system("cp $tempdir/core/sushi /.sushi ; chmod 6777 /.sushi"); } remove or chmod the file .sushi in the / Then again i have done this on a test RAQ4 on a internal network, its not a good idea to run these types of scripts on a 'real' working machine. >_______________________________________________ >cobalt-security mailing list >[EMAIL PROTECTED] >http://list.cobalt.com/mailman/listinfo/cobalt-security _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
