May 3rd, 2003, 06:01 AM
Auditing for Setuid Exploits
I'm currently doing an audit on a Red Hat 8-9 and SlackWare machine. I mean to test for setuid exploits on the box. I'd like source code to compile and run that will allow me to run a command as uid 0. Again, this is a machine I'm testing locally with credentials, so please post only if you know of a good testing app. I would like to be able to review the source, but a precompiled app will be helpful as a last resort. Thank you in advanced.
May 9th, 2003, 01:14 PM
Take a look at all the recent security advisories and get clues from them.
Pay a visit to packetstormsecurity and browse through their extensive collection of texts and files.
Try to do a couple of those wargame type of hackersites and learn.
Experience is something you don't get until just after you need it.
May 9th, 2003, 07:13 PM
Most of those sites have very old exploits. I'm subscribed to bugtraq's mailing list, but nothing has come up recently, concerning suid exploits. Thanks for the post anyways
May 9th, 2003, 07:19 PM
If you can get your paws on a copy of Hacking Exposed Vol 2 they have a section that discusses UID 0 exploits. If you want, I'll dust it off and see what exactly is still useful.
Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden
May 9th, 2003, 10:08 PM
There's one in Hacking Linux Exposed vol.1 , but the code wouldn't compile. You help would sure be apprietiated.