On Thu, 28 Apr 2011 14:40:22 -0300, Mario Vilas said: > Is the suid bit set on that binary? Otherwise, unless I'm missing something > it doesn't seem to be exploitable by an attacker... Who cares? You got code executed on the remote box, that's the *hard* part. Use that to inject a callback shell or something, use *that* to get yourself a shell prompt. At that point, download something else that exploits you to root - if you even *need* to, as quite often the Good Stuff is readable by non-root users.
Attachment:
pgpzU5AhfU6wu.pgp
Description: PGP signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/