Rooting idea
Posted: Thu Sep 25, 2014 8:27 pm
Recently vulnerability was found in bash.
To exploit it we need
1) set any env variable
2) trigger execution of bash with any parameters. I guess exedsp often call shell.
UPDATE. False hope. Bash is not present on the system, only sh from busybox.
Code: Select all
k@wifi:~$ export x='() { :; }; echo "Oh..."'
k@wifi:~$ echo $x
() { :; }; echo "Oh..."
k@wifi:~$ bash
Oh...
1) set any env variable
2) trigger execution of bash with any parameters. I guess exedsp often call shell.
UPDATE. False hope. Bash is not present on the system, only sh from busybox.