by fattire
1970 days ago
sudo built with ASLR doesn't make a difference? NM:

- we can defeat ASLR by partially overwriting the function pointer
getenv_fn (which points to the function sudoers_hook_getenv() in the
shared library sudoers.so); and luckily, the beginning of sudoers.so
contains a call to execve() (or execv()):