exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

Files from Todd C. Miller

First Active1999-08-17
Last Active2013-08-26
Mac OS X Sudo Password Bypass
Posted Aug 26, 2013
Authored by Todd C. Miller, juan vazquez, joev | Site metasploit.com

This Metasploit module gains a session with root permissions on versions of OS X with sudo binary vulnerable to CVE-2013-1775. Tested working on Mac OS 10.7-10.8.4, and possibly lower versions. If your session belongs to a user with Administrative Privileges (the user is in the sudoers file and is in the "admin group"), and the user has ever run the "sudo" command, it is possible to become the super user by running `sudo -k` and then resetting the system clock to 01-01-1970. This Metasploit module will fail silently if the user is not an admin or if the user has never run the sudo command.

tags | exploit, root
systems | apple, osx
advisories | CVE-2013-1775, OSVDB-90677
SHA-256 | 861501e9890ef0e4cff6780f3ce32dadf2038337f7e60f127a1275773d181e73
cu-sudo.v1.5.9p2.tar.gz
Posted Aug 17, 1999
Authored by Todd C. Miller

sudo 1.5.9p2 - Sudo (superuser do) allows a system administrator to give certain users (or groups of users) the ability to run some (or all) commands as root while logging all commands and arguments. Sudo operates on a per-command basis, it is not a replacement for the shell.

tags | shell, root
systems | unix
SHA-256 | cac0df69d54e7e99be16d095c59f938b16542351127fd08f965054b5957adf38
cu-sudo.v1.6beta4.tar.gz
Posted Aug 17, 1999
Authored by Todd C. Miller

Sudo (superuser do) allows a system administrator to give certain users (or groups of users) the ability to run some (or all) commands as root while logging all commands and arguments. Sudo operates on a per-command basis, it is not a replacement for the shell.

tags | shell, root
systems | unix
SHA-256 | 899bb649ae7de36549fa7be437cfb6723f4c4725bce6cc293d05e7291a5861ba
cu-sudo.v1.6beta3.tar.gz
Posted Aug 17, 1999
Authored by Todd C. Miller

Sudo (superuser do) allows a system administrator to give certain users (or groups of users) the ability to run some (or all) commands as root while logging all commands and arguments. Sudo operates on a per-command basis, it is not a replacement for the shell.

tags | shell, root
systems | unix
SHA-256 | de28426096190b68d96b6a2c0a0d5f6327cf3a5d451d12f26b2d2d0866203556
cu-sudo.v1.6beta2.tar.gz
Posted Aug 17, 1999
Authored by Todd C. Miller

sudo 1.6b2 - Sudo (superuser do) allows a system administrator to give certain users (or groups of users) the ability to run some (or all) commands as root while logging all commands and arguments. Sudo operates on a per-command basis, it is not a replacement for the shell.

tags | shell, root
systems | unix
SHA-256 | cea32d69ee6808f1cf2f5947ca57a7c4ce4b3421540de4bc960caf97cf0d1c34
cu-sudo.v1.5.9p1.patch.gz
Posted Aug 17, 1999
Authored by Todd C. Miller

This patch will upgrade CU Sudo version 1.5.9 to version 1.5.9 patchlevel 1.

systems | unix
SHA-256 | 02d149a898a858a8c0d32d34d486e5975a3e4e36ebbf44d4b4730606b460c62a
cu-sudo.v1.5.9p1.tar.gz
Posted Aug 17, 1999
Authored by Todd C. Miller

sudo 1.5.9p1 - Sudo (superuser do) allows a system administrator to give certain users (or groups of users) the ability to run some (or all) commands as root while logging all commands and arguments. Sudo operates on a per-command basis, it is not a replacement for the shell.

Changes: Added dirfd() macro for systems without it, better check for socket() in -lsocket -lnsl in configure, minor configure fixes, fixed a bug wrt quoting characters in command args, make --without-sendmail works, fixed a segv if HOST_IN_LOG defined and gethostbyname() fails, fixed a parse bug wrt the ! operator and runas specs, use new emalloc/erealloc/estrdup functions, new PAM code that should work on both Solaris and Linux, make sudo's usage info better when mutually exclusive args are given and don't rely on argument order to detect this, in visudo, shift return value of system() by 8 to get the real exit value.
tags | shell, root
systems | unix
SHA-256 | a40d252d0efdb3ef957060d47ef5143742240db3ed26edcc1991628e9ff755a6
Page 1 of 1
Back1Next

File Archive:

July 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    52 Files
  • 2
    Jul 2nd
    0 Files
  • 3
    Jul 3rd
    0 Files
  • 4
    Jul 4th
    0 Files
  • 5
    Jul 5th
    0 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    0 Files
  • 9
    Jul 9th
    0 Files
  • 10
    Jul 10th
    0 Files
  • 11
    Jul 11th
    0 Files
  • 12
    Jul 12th
    0 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close