Re: Why SUID Binary exploit does not yield root shell?
Date: Sun, 9 Mar 2003 15:34:27 -0500 From: email@example.com To: Kryptik Logik <firstname.lastname@example.org>
Check out your system logs.. when i wrote an exploit for vpnclient under
gentoo linux, PAM was catching the exploit..
for the workaround i used, check the exploit out:
On Sat, Mar 08, 2003 at 08:40:17PM -0000, Kryptik Logik wrote:
> I've managed to find a buffer overflow and exploit it to exeve a /bin/sh
> using my payload shellcode. However, whenever I run my exploit, I do get a
> shell but just that it is an ordinary shell under my account (as id would
> The binary that I've exploited is suid bit set so theoretically shouldn't
> it create a root shell? I've tested my exploit on a small sample
> vulnerable program that I wrote with the exact same permissions as the
> binary in the system and I could get a root shell!
> What is the magic here (if any)?
> Thankx in advance,
> # klogik
-- + Cannot find nsabackdoor.dll. Please reinstall Windows.