OSEC

From: Greg Hunt (gregsupplyedge.com)
Date: Wed May 22 2002 - 13:36:34 CDT

    Looking online, I found shellcode that breaks chroot by doing a
    mkdir("sh")
    chroot("sh")
    chroot("../../../../../../");
    then running /bin/sh

    Other chroot-breaking shellcode online does variations of the same thing. I haven't tested this out, so I can't say for sure if this works. Does anyone else know?

    Shellcode available at:
    http://www.groar.org/expl/linux-x86/chroot.c
    http://www.groar.org/expl/linux-x86/chroot1.c

    > I've heard of shellcode that supposedly jumps out of the chroot jail, but
    > it's probably been fixed now (whatever bug in chroot the shellcode
    > exploited). The buffer overflow would work (it'd overflow the buffer yes)
    > but as to whether you'd get a shell, probably not... Unless someone
    > dropped a bash shell in there :)

    -- 
    ------SupplyEdge-------
    Greg Hunt
    800-733-3380 x 107
    gregsupplyedge.com
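
A defender's check related to the sequence quoted in the message above, added here as an example and not part of the original post: on Linux, chroot(2) fails with EPERM unless the caller holds CAP_SYS_CHROOT, so whether a jailed daemon can issue a second chroot() depends on whether it kept that capability. The C program below reads the CapEff line of a /proc/<pid>/status text and reports whether the capability is held; the function name and the two sample status excerpts are constructed for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define CAP_SYS_CHROOT_BIT 18 /* CAP_SYS_CHROOT in <linux/capability.h> */

/* Constructed /proc/<pid>/status excerpts (not taken from a real host). */
static const char SAMPLE_ROOT_JAILED[] =
    "Name:\tdaemon\nUid:\t0\t0\t0\t0\nCapEff:\t0000003fffffffff\n";
static const char SAMPLE_DROPPED[] =
    "Name:\tdaemon\nUid:\t25\t25\t25\t25\nCapEff:\t0000000000000000\n";

/* 1: CAP_SYS_CHROOT is in the effective set, so chroot() can be called
 *    again from inside the jail; 0: it is not; -1: no usable CapEff line. */
int holds_cap_sys_chroot(const char *status_text)
{
    const char *line = status_text;
    while (line && *line) {
        if (strncmp(line, "CapEff:", 7) == 0) {
            const char *v = line + 7;
            while (*v == ' ' || *v == '\t') v++;      /* stay on this line */
            if (!isxdigit((unsigned char)*v)) return -1;
            unsigned long long caps = strtoull(v, NULL, 16);
            return (int)((caps >> CAP_SYS_CHROOT_BIT) & 1ULL);
        }
        line = strchr(line, '\n');
        if (line) line++;
    }
    return -1;
}

int main(int argc, char **argv)
{
    char path[64], buf[8192];
    snprintf(path, sizeof path, "/proc/%s/status", argc > 1 ? argv[1] : "self");
    FILE *f = fopen(path, "r");
    if (!f) { perror(path); return 2; }
    size_t n = fread(buf, 1, sizeof buf - 1, f);
    fclose(f);
    buf[n] = '\0';
    int r = holds_cap_sys_chroot(buf);
    printf("%s: CAP_SYS_CHROOT %s\n", path,
           r == 1 ? "held (a second chroot() is permitted)" :
           r == 0 ? "not held" : "unknown");
    printf("constructed samples: root=%d dropped=%d\n",
           holds_cap_sys_chroot(SAMPLE_ROOT_JAILED),
           holds_cap_sys_chroot(SAMPLE_DROPPED));
    return r == 1;
}
```

Run it with the PID of a jailed service as the only argument; an exit status of 1 means the process still holds the capability.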