RedStar 2.0/3.0 Desktop – Privilege Escalation

first,we talk about RedStar 2.0 Desktop – Privilege Escalation (World-writeable rc.sysinit)
Red Star 2.0 desktop ships with a world-writeable “/etc/rc.d/rc.sysinit”
which can be abused to execute commands on
boot. An example exploitation of this vulnerability is shown here
https://github.com/HackerFantastic/Public/blob/master/exploits/redstar2.0-localroot.png

PoC:

star2
Source: http://www.openwall.com/lists/oss-security/2015/01/09/6

RedStar 3.0 Desktop – Privilege Escalation (Software Manager – swmng.app)

star3
Source: http://richardg867.wordpress.com/2015/01/01/notes-on-red-star-os-3-0/
http://www.openwall.com/lists/oss-security/2015/01/09/1

RedStar 3.0 Desktop – Privilege Escalation (Enable sudo)

star32
Source: https://twitter.com/sfan55/status/550348619652796416 & http://www.openwall.com/lists/oss-security/2015/01/09/6

吐槽:
关于Red Star这个系统我开始以为是red hat的什么软件啊啥的。后来在网上看了下,居然是朝鲜民族在xxx的带领下自主开发的linux操作系统。想知道详情的请移步北朝鲜:开发出自己的Linux系统Red Star。看了某俄罗斯的测评。感觉不错。值得注意的是,红星操作系统安装简易,只需15分钟即可安装完成,但也相当非国际化,只有一个语种:朝鲜语。看界面发现和Windows体验很贴近。唯一和其他版本的Linux相比,红星的一个显著特征是:sudo 变成了 kimjongildo。看着就醉了~

原文链接:,转发请注明来源!

发表评论

要发表评论,您必须先登录