README.md
Rendering markdown...
section .text
global _start
_start:
mov rax, 1 ; write
mov rdi, 1
lea rsi, [rel msg_start]
mov rdx, msg_start_len
syscall
; [+] Found SUID binary
mov rax, 1
mov rdi, 1
lea rsi, [rel msg_suid]
mov rdx, msg_suid_len
syscall
; setuid(0)
mov rax, 105
xor rdi, rdi
syscall
; setgid(0)
mov rax, 106
xor rdi, rdi
syscall
; [+] Exploit successful!
mov rax, 1
mov rdi, 1
lea rsi, [rel msg_root]
mov rdx, msg_root_len
syscall
; execve("/bin/sh", NULL, NULL)
mov rax, 59
lea rdi, [rel bin_sh]
xor rsi, rsi
xor rdx, rdx
syscall
; 😂 PRANK!
mov rax, 1
mov rdi, 1
lea rsi, [rel msg_prank]
mov rdx, msg_prank_len
syscall
; exit(0)
mov rax, 60
xor rdi, rdi
syscall
msg_start db "🔥 INITIATING PRIVILEGE ESCALATION... 🔥", 10
msg_start_len equ $ - msg_start
msg_suid db "[+] Found SUID binary: /usr/bin/passwd (root privileges detected!)", 10
msg_suid_len equ $ - msg_suid
msg_root db "[+] Exploit successful! Root shell spawned!", 10
msg_root_len equ $ - msg_root
bin_sh db "/bin/sh", 0
msg_prank db "😂 APRIL FOOLS! You got pranked no root for you! 😂", 10
msg_prank_len equ $ - msg_prank