ifwatchd Privilege Escalation

Posted by deepcore on October 9, 2018 – 2:20 pm

This Metasploit module attempts to gain root privileges on QNX 6.4.x and 6.5.x systems by exploiting the ifwatchd suid executable. ifwatchd allows users to specify scripts to execute using the ‘-A’ command line argument; however, it does not drop privileges when executing user-supplied scripts, resulting in execution of arbitrary commands as root. This Metasploit module has been tested successfully on QNX Neutrino 6.5.0 (x86) and 6.5.0 SP1 (x86).

This post is under “exploit” and has no respond so far.
If you enjoy this article, make sure you subscribe to my RSS Feed.

Post a reply

You must be logged in to post a comment.

« Delta Electronics Delta Industrial Automation COMMGR 1.08 Stack Buffer Overflow Cisco Prime Infrastructure Unauthenticated Remote Code Execution »

:: Deepquest ::

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

ifwatchd Privilege Escalation

Post a reply

Tabs Switcher

Categories

Archives

Meta

BLOGROLL