From fe7ce02dfd502e8ede01c4f11a3a40182634a840 Mon Sep 17 00:00:00 2001 From: Brendan Coles Date: Thu, 4 Oct 2018 21:13:21 +0000 Subject: [PATCH] Update tested versions --- .../exploit/linux/local/lastore_daemon_dbus_priv_esc.md | 8 +++++--- .../exploits/linux/local/lastore_daemon_dbus_priv_esc.rb | 7 ++++--- 2 files changed, 9 insertions(+), 6 deletions(-) diff --git a/documentation/modules/exploit/linux/local/lastore_daemon_dbus_priv_esc.md b/documentation/modules/exploit/linux/local/lastore_daemon_dbus_priv_esc.md index 2b18a1c51c..8532e6281d 100644 --- a/documentation/modules/exploit/linux/local/lastore_daemon_dbus_priv_esc.md +++ b/documentation/modules/exploit/linux/local/lastore_daemon_dbus_priv_esc.md @@ -7,7 +7,7 @@ ## Vulnerable Application - The `lastore-daemon` D-Bus configuration on Deepin Linux 15.5 permits any + The `lastore-daemon` D-Bus configuration on Deepin Linux permits any user in the `sudo` group to install arbitrary system packages without providing a password, resulting in code execution as root. By default, the first user created on the system is a member of the `sudo` group. @@ -30,8 +30,10 @@ ``` - This module has been tested successfully with lastore-daemon version - 0.9.53-1 on Deepin Linux 15.5 (x64). + This module has been tested successfully with lastore-daemon versions: + + * 0.9.53-1 on Deepin Linux 15.5 (x64) + * 0.9.66-1 on Deepin Linux 15.7 (x64) Deepin Linux is available here: diff --git a/modules/exploits/linux/local/lastore_daemon_dbus_priv_esc.rb b/modules/exploits/linux/local/lastore_daemon_dbus_priv_esc.rb index 002806dd9c..095de2f6df 100644 --- a/modules/exploits/linux/local/lastore_daemon_dbus_priv_esc.rb +++ b/modules/exploits/linux/local/lastore_daemon_dbus_priv_esc.rb @@ -18,13 +18,14 @@ class MetasploitModule < Msf::Exploit::Local This module attempts to gain root privileges on Deepin Linux systems by using lastore-daemon to install a package. - The lastore-daemon D-Bus configuration on Deepin Linux 15.5 permits any + The lastore-daemon D-Bus configuration on Deepin Linux permits any user in the sudo group to install arbitrary system packages without providing a password, resulting in code execution as root. By default, the first user created on the system is a member of the sudo group. - This module has been tested successfully with lastore-daemon version - 0.9.53-1 on Deepin Linux 15.5 (x64). + This module has been tested successfully with lastore-daemon versions + 0.9.53-1 on Deepin Linux 15.5 (x64); and + 0.9.66-1 on Deepin Linux 15.7 (x64). }, 'License' => MSF_LICENSE, 'Author' =>