Some years ago, security specialist Michal Zalewski wrote an über-leet Linux (and probably other *nix) root exploit that just works. Now I have made it compile on AMD64.

Well, enough chit-chat, I guess you want the code:
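#!/bin/sh
echo "1|nux r007 3xp10|7 by 1c4m7uf"
cd /tmp
# Write a tiny C file that redefines the four libc ID lookups
cat >ex.c <<eof
int getuid() { return 0; }
int geteuid() { return 0; }
int getgid() { return 0; }
int getegid() { return 0; }
eof
# Build it as a shared object and preload it into a new shell
gcc -fPIC -shared ex.c -oex.so
LD_PRELOAD=/tmp/ex.so sh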

Just paste it into a terminal window as an ordinary user, and see the shell start. Try typing whoami and bow in glory (I recommend that you get out of your chair before doing so).

If you are new to Linux and wonder how this works, try man 8 ld.so in a terminal :-)
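
What the preloaded ex.so really changes, as an added example that is not part of the original post: the library only replaces the libc wrappers inside the process, so a raw system call still returns the IDs the kernel actually holds. The function names below are made up for this illustration.

```c
#define _GNU_SOURCE
#include <stdio.h>
#include <stdlib.h>
#include <sys/syscall.h>
#include <sys/types.h>
#include <unistd.h>

/* Count how many of the four wrappers redefined in ex.c return a value
 * that differs from what the kernel reports. syscall(2) enters the kernel
 * directly, so a preloaded getuid() cannot change its answer. */
int interposed_id_calls(void)
{
    int n = 0;
    n += getuid()  != (uid_t)syscall(SYS_getuid);
    n += geteuid() != (uid_t)syscall(SYS_geteuid);
    n += getgid()  != (gid_t)syscall(SYS_getgid);
    n += getegid() != (gid_t)syscall(SYS_getegid);
    return n;
}

/* 1 if the environment asks the dynamic linker to preload something. */
int preload_requested(void)
{
    const char *p = getenv("LD_PRELOAD");
    return p != NULL && *p != '\0';
}

int main(void)
{
    int bad = interposed_id_calls();

    printf("libc   uid=%u euid=%u\n", (unsigned)getuid(), (unsigned)geteuid());
    printf("kernel uid=%u euid=%u\n",
           (unsigned)syscall(SYS_getuid), (unsigned)syscall(SYS_geteuid));
    printf("LD_PRELOAD set: %s, mismatching wrappers: %d\n",
           preload_requested() ? "yes" : "no", bad);
    return bad ? 1 : 0;   /* non-zero exit when the wrappers lie */
}
```

Started from the shell that the script opens, this reports four mismatching wrappers while the kernel line still shows the ordinary user's IDs. ld.so(8) also describes the secure-execution mode in which LD_PRELOAD is restricted for set-user-ID programs.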
