Jonathan Fabrizio


[+] Hijack sudo

Jonathan Fabrizio - 22/06/12

To finish a small serie on sudo vulnerabilities, I show in this post that, with a simple trick, it is possible to hook sudo by taking advantages of bash negligence. It is not really serious - I found this funny and I do not think that it can be a serious threat...

Viewed 2825 times

[+] sudo vulnerability (2/2)

Jonathan Fabrizio - 27/02/12

In a previous post, I showed how a trojan horse can become root by the use of sudo. According to it's configuration, sudo may ask password only once and does not ask password again for a predefined period of time. Malicious software can became root silently.
To exploit this vulnerability, I wrote a program that invokes silently sudo until sudo does not ask password. To succeed, this program must be launched in the correct terminal before the correct user invokes sudo (or right after). This means, the threat is rather low. I complete here the previous post with (too) simple tricks to increase chance to become root (simply to show that even the threat is low, it must not be neglected). To finish, I give simple advice to prevent you from being attacked by such program...

Viewed 2350 times

[+] sudo vulnerability (1/2)

Jonathan Fabrizio - 08/01/12

Allowing sudo to avoid asking password for executing admin operation disrupts me a bit. I think it is a vulnerability and I will try to prove it in this post. This is not a big threat as this implies the system has already be corrupted but this should not be neglected: I think a simple program can easily become root with this mechanism. Most of this post has been written after an old long discussion on french ubuntu forum but I hesitated long time to publish it.

Viewed 1634 times