Dailydave mailing list archives

exploiting suid + writeable shared library


From: alok () ilionsecurity ch
Date: Tue, 28 Nov 2006 15:19:07 +0100 (CET)

Hi,

I have discovered a simple flaw in one of my systems, and I would like to
know if anyone here has a tool to help exploit it:

I have a suid root binary, which depends on a bunch of libraries. Some of
these libraries can be modified by the current user. This means I could
modify the library to run some exploit code and then perform the normal
task.

I was able to do this on a small scale (with a custom library which
exposes a single function and without branching into the normal code). But
are there any tools which can help me patch a shared library which exposes
dozens or hundreds of functions? Perhaps something like Piotr Bania's
4514N engine, but for Linux?

alok


_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave
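
A defender-side check for the condition described in this message, added here as an example and not part of the original post: it lists the libraries each setuid-root binary loads and reports any library file or parent directory that a non-root user could modify. The function names and default search directories are assumptions of this example, and only the symlink-resolved path of each library is checked.

```python
import os, re, stat, subprocess, sys

LDD_PATH = re.compile(r"(?:=>\s*)?(/\S+)\s+\(0x[0-9a-fA-F]+\)")

def parse_ldd(output):
    """Absolute paths of the libraries listed in `ldd` output."""
    return [m.group(1) for m in map(LDD_PATH.search, output.splitlines()) if m]

def weak_links(path, trusted_uids=(0,), trusted_gids=(0,)):
    """(path, reason) for the resolved file and each parent directory that
    someone outside the trusted uids/gids could modify or replace."""
    findings, p = [], os.path.realpath(path)
    while True:
        st = os.stat(p)
        # In a sticky directory (e.g. /tmp) users cannot replace others' files.
        sticky = stat.S_ISDIR(st.st_mode) and st.st_mode & stat.S_ISVTX
        if st.st_uid not in trusted_uids:
            findings.append((p, f"owned by uid {st.st_uid}"))
        elif st.st_mode & stat.S_IWOTH and not sticky:
            findings.append((p, "world-writable"))
        elif (st.st_mode & stat.S_IWGRP and not sticky
              and st.st_gid not in trusted_gids):
            findings.append((p, f"writable by gid {st.st_gid}"))
        parent = os.path.dirname(p)
        if parent == p:          # reached the filesystem root
            return findings
        p = parent

def audit(binary):
    """Map each library `binary` loads to its weak links (empty = clean)."""
    # ldd asks the dynamic loader to resolve dependencies and may execute
    # the target, so run it only on binaries you already trust.
    out = subprocess.run(["ldd", binary], capture_output=True, text=True).stdout
    return {lib: w for lib in parse_ldd(out) if (w := weak_links(lib))}

if __name__ == "__main__":
    roots = sys.argv[1:] or ["/usr/bin", "/usr/sbin", "/bin", "/sbin"]
    for root in roots:
        for dirpath, _, files in os.walk(root):
            for name in files:
                path = os.path.join(dirpath, name)
                try:
                    st = os.lstat(path)
                except OSError:
                    continue
                if (stat.S_ISREG(st.st_mode) and st.st_uid == 0
                        and st.st_mode & stat.S_ISUID):
                    for lib, weak in audit(path).items():
                        for comp, why in weak:
                            print(f"{path}: {lib}: {comp} is {why}")
```

Any line of output means a setuid-root program trusts a file or directory that an unprivileged account controls; the fix is root ownership and no group or world write bit on that component.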

