exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

Files from Todd C. Miller

First Active1999-08-17
Last Active2013-08-26
Mac OS X Sudo Password Bypass
Posted Aug 26, 2013
Authored by Todd C. Miller, juan vazquez, joev | Site metasploit.com

This Metasploit module gains a session with root permissions on versions of OS X with sudo binary vulnerable to CVE-2013-1775. Tested working on Mac OS 10.7-10.8.4, and possibly lower versions. If your session belongs to a user with Administrative Privileges (the user is in the sudoers file and is in the "admin group"), and the user has ever run the "sudo" command, it is possible to become the super user by running `sudo -k` and then resetting the system clock to 01-01-1970. This Metasploit module will fail silently if the user is not an admin or if the user has never run the sudo command.

tags | exploit, root
systems | apple, osx
advisories | CVE-2013-1775, OSVDB-90677
SHA-256 | 861501e9890ef0e4cff6780f3ce32dadf2038337f7e60f127a1275773d181e73
Download | Favorite | View
cu-sudo.v1.5.9p2.tar.gz
Posted Aug 17, 1999
Authored by Todd C. Miller

sudo 1.5.9p2 - Sudo (superuser do) allows a system administrator to give certain users (or groups of users) the ability to run some (or all) commands as root while logging all commands and arguments. Sudo operates on a per-command basis, it is not a replacement for the shell.

tags | shell, root
systems | unix
SHA-256 | cac0df69d54e7e99be16d095c59f938b16542351127fd08f965054b5957adf38
Download | Favorite | View
cu-sudo.v1.6beta4.tar.gz
Posted Aug 17, 1999
Authored by Todd C. Miller

Sudo (superuser do) allows a system administrator to give certain users (or groups of users) the ability to run some (or all) commands as root while logging all commands and arguments. Sudo operates on a per-command basis, it is not a replacement for the shell.

tags | shell, root
systems | unix
SHA-256 | 899bb649ae7de36549fa7be437cfb6723f4c4725bce6cc293d05e7291a5861ba
Download | Favorite | View
cu-sudo.v1.6beta3.tar.gz
Posted Aug 17, 1999
Authored by Todd C. Miller

Sudo (superuser do) allows a system administrator to give certain users (or groups of users) the ability to run some (or all) commands as root while logging all commands and arguments. Sudo operates on a per-command basis, it is not a replacement for the shell.

tags | shell, root
systems | unix
SHA-256 | de28426096190b68d96b6a2c0a0d5f6327cf3a5d451d12f26b2d2d0866203556
Download | Favorite | View
cu-sudo.v1.6beta2.tar.gz
Posted Aug 17, 1999
Authored by Todd C. Miller

sudo 1.6b2 - Sudo (superuser do) allows a system administrator to give certain users (or groups of users) the ability to run some (or all) commands as root while logging all commands and arguments. Sudo operates on a per-command basis, it is not a replacement for the shell.

tags | shell, root
systems | unix
SHA-256 | cea32d69ee6808f1cf2f5947ca57a7c4ce4b3421540de4bc960caf97cf0d1c34
Download | Favorite | View
cu-sudo.v1.5.9p1.patch.gz
Posted Aug 17, 1999
Authored by Todd C. Miller

This patch will upgrade CU Sudo version 1.5.9 to version 1.5.9 patchlevel 1.

systems | unix
SHA-256 | 02d149a898a858a8c0d32d34d486e5975a3e4e36ebbf44d4b4730606b460c62a
Download | Favorite | View
cu-sudo.v1.5.9p1.tar.gz
Posted Aug 17, 1999
Authored by Todd C. Miller

sudo 1.5.9p1 - Sudo (superuser do) allows a system administrator to give certain users (or groups of users) the ability to run some (or all) commands as root while logging all commands and arguments. Sudo operates on a per-command basis, it is not a replacement for the shell.

Changes: Added dirfd() macro for systems without it, better check for socket() in -lsocket -lnsl in configure, minor configure fixes, fixed a bug wrt quoting characters in command args, make --without-sendmail works, fixed a segv if HOST_IN_LOG defined and gethostbyname() fails, fixed a parse bug wrt the ! operator and runas specs, use new emalloc/erealloc/estrdup functions, new PAM code that should work on both Solaris and Linux, make sudo's usage info better when mutually exclusive args are given and don't rely on argument order to detect this, in visudo, shift return value of system() by 8 to get the real exit value.
tags | shell, root
systems | unix
SHA-256 | a40d252d0efdb3ef957060d47ef5143742240db3ed26edcc1991628e9ff755a6
Download | Favorite | View
Page 1 of 1
Back1Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    6 Files
  • 17
    Jul 17th
    34 Files
  • 18
    Jul 18th
    6 Files
  • 19
    Jul 19th
    34 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    19 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close