Check out your system logs.. when i wrote an exploit for vpnclient under gentoo linux, PAM was catching the exploit.. for the workaround i used, check the exploit out: http://sec.angrypacket.com/exploits/vpnKILLient.c On Sat, Mar 08, 2003 at 08:40:17PM -0000, Kryptik Logik wrote: > > > Folks: > > I've managed to find a buffer overflow and exploit it to exeve a /bin/sh > using my payload shellcode. However, whenever I run my exploit, I do get a > shell but just that it is an ordinary shell under my account (as id would > indicate). > > The binary that I've exploited is suid bit set so theoretically shouldn't > it create a root shell? I've tested my exploit on a small sample > vulnerable program that I wrote with the exact same permissions as the > binary in the system and I could get a root shell! > > What is the magic here (if any)? > > Thankx in advance, > > # klogik -- + Cannot find nsabackdoor.dll. Please reinstall Windows.
This archive was generated by hypermail 2b30 : Sun Mar 09 2003 - 13:44:24 PST