Bugtraq mailing list archives
Re: Sudo tricks
From: Kyle Wheeler <kyle-bugtraq () memoryhole net>
Date: Sat, 25 Mar 2006 22:25:16 -0500
On Friday, March 24 at 07:05 PM, quoth Dave Korn:
Here is a simple hack to break sudo and su to get free root. Add this to ~/.bashrc and fill in the following blanks:* ~/.root_kit/rk_su Your hacked su to give root on su --now-dammit * ~/.root_kit/silent_install_root_kit Your script to silently install rk_su over /bin/su and add SUID to it.So, in other words, all you need in order to get root access is a rootkit, your shell script, and root access? Ummm... I don't get it.
More precisely, if I have access to your bashrc and you have access to sudo, I can give myself permanent root access (I don’t need to know your password).
~Kyle --Well, I've wrestled with reality for over thirty five years, doctor, and I'm happy to state I finally won out over it.
-- Jimmy Stewart, in "Harvey"
Attachment:
_bin
Description:
Current thread:
- Sudo tricks John Richard Moser (Mar 23)
- Re: Sudo tricks Dave Korn (Mar 25)
- Re: Sudo tricks Kyle Wheeler (Mar 27)
- Re: Sudo tricks Thomas M. Payerle (Mar 28)
- Re: Sudo tricks Krzysztof Halasa (Mar 29)
- RE: Sudo tricks Burton Strauss (Mar 31)
- <Possible follow-ups>
- Re: Sudo tricks Steven M. Christey (Mar 28)
- Re: Sudo tricks Javor Ninov (Mar 31)
- Re: Sudo tricks Dave Korn (Mar 25)