not_your_vase 5 hours ago
Is there a readable version of the exploit readily available by any chance? Gotta admit that I failed binary-zip-interpretation-with-naked-eye class twice

progval 5 hours ago
The binary "zip" isn't the exploit, it's the shellcode. The exploit is the rest, which changes the code of a SUID executable (su).

stackghost 3 hours ago
The call to zlib basically overwrites a minimal ELF into a portion of the `su` binary, which execve's /bin/sh.