Re: Why SUID Binary exploit does not yield root shell?
From: buzzdee (reitenba@fh-brandenburg.de)
Date: 03/09/03
- Previous message: Shaun Clowes: "Re: Why SUID Binary exploit does not yield root shell?"
- In reply to: Kryptik Logik: "Why SUID Binary exploit does not yield root shell?"
- Next in thread: Brian Hatch: "Re: Why SUID Binary exploit does not yield root shell?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: buzzdee <reitenba@fh-brandenburg.de> To: vuln-dev@securityfocus.com Date: Sun, 9 Mar 2003 10:26:09 +0100
Am Samstag, 8. März 2003 21:40 schrieb Kryptik Logik:
> Folks:
>
> I've managed to find a buffer overflow and exploit it to exeve a /bin/sh
> using my payload shellcode. However, whenever I run my exploit, I do get a
> shell but just that it is an ordinary shell under my account (as id would
> indicate).
>
> The binary that I've exploited is suid bit set so theoretically shouldn't
> it create a root shell? I've tested my exploit on a small sample
> vulnerable program that I wrote with the exact same permissions as the
> binary in the system and I could get a root shell!
>
maybe the partition, on which your suid program is located is mounted with the
nosuid parameter?
<greetz>
- Previous message: Shaun Clowes: "Re: Why SUID Binary exploit does not yield root shell?"
- In reply to: Kryptik Logik: "Why SUID Binary exploit does not yield root shell?"
- Next in thread: Brian Hatch: "Re: Why SUID Binary exploit does not yield root shell?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
