JOUET Romain BZHugs
BZHugs
/ pkexec.c
Created
January 26, 2022 11:02
— forked from darrenmartyn/pkexec.c
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| * For original see haxx.in/files/blasty-vs-pkexec.c | |
| * | |
| * this version is just using some awful hack to | |
| * avoid having to call gcc on the target box. | |
| * this versions fragile - must be named payload.so | |
| * might add better detection later, whatever. | |
| * all credit to bl4sty for the actual exploit, | |
| * I just made some changes for my usecase. | |
| * you will have to change the interp for diff |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdlib.h> | |
| #include <stdio.h> | |
| #include <pthread/pthread.h> | |
| #include <mach/mach.h> | |
| struct ool_msg { | |
| mach_msg_header_t hdr; | |
| mach_msg_body_t body; | |
| mach_msg_ool_ports_descriptor_t ool_ports[]; | |
| }; |