MagniComp SysInfo mcsiwrapper Privilege Escalation

Posted by deepcore on February 21, 2018 – 3:11 pm

This Metasploit module attempts to gain root privileges on systems running MagniComp SysInfo versions prior to 10-H64. The .mcsiwrapper suid executable allows loading a config file using the ‘–configfile’ argument. The ‘ExecPath’ config directive is used to set the executable load path. This Metasploit module abuses this functionality to set the load path resulting in execution of arbitrary code as root. This Metasploit module has been tested successfully with SysInfo version 10-H63 on Fedora 20 x86_64, 10-H32 on Fedora 27 x86_64, 10-H10 on Debian 8 x86_64, and 10-GA on Solaris 10u11 x86.

This post is under “exploit” and has no respond so far.
If you enjoy this article, make sure you subscribe to my RSS Feed.

Post a reply

You must be logged in to post a comment.

« http://yala.nfe.go.th/obeclms/web1/file_editor/SRV.txt Radiant CMS 1.1.4 Cross Site Scripting »

:: Deepquest ::

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

MagniComp SysInfo mcsiwrapper Privilege Escalation

Post a reply

Tabs Switcher

Categories

Archives

Meta

BLOGROLL