busybox-suidwrapper.c (1474B)
1 #include <unistd.h> 2 #include <stdio.h> 3 #include <stdlib.h> 4 #include <string.h> 5 #include <libgen.h> 6 7 int main(int argc, char **argv) 8 { 9 const char * cmds[] = { 10 "su", 11 "ping", 12 "ping6", 13 "traceroute", 14 "passwd", 15 "login", 16 "vlock", 17 "wall", 18 "crontab" 19 }; 20 21 const char * baseexec = basename(argv[0]); 22 23 if (!strcmp("busybox-suidwrapper", baseexec)) 24 { 25 if (argc > 1 && !strcmp("-l", argv[1])){ 26 for (int i = 0; i < sizeof(cmds) / sizeof(cmds[0]); ++i) 27 { 28 printf("%s ", cmds[i]); 29 } 30 printf("\n"); 31 } else { 32 printf("busybox SUID wrapper\n\nSupported commands:\n"); 33 printf("Usage:\n -l\tList available SUID commands\n"); 34 if (argc > 1) return 1; 35 } 36 return 0; 37 } 38 39 for (int i = 0; i < sizeof(cmds) / sizeof(cmds[0]); ++i) 40 { 41 if (!strcmp(cmds[i], baseexec)) 42 { 43 char **newargv = malloc(sizeof(char *) * (argc + 2)); 44 newargv[0] = "/bin/busybox"; 45 newargv[1] = (char *)baseexec; 46 for (int i = 1; i < argc; i++) 47 newargv[i + 1] = argv[i]; 48 newargv[argc + 1] = NULL; 49 50 int ret = execv("/bin/busybox", newargv); 51 free(newargv); 52 perror(argv[0]); 53 return ret; 54 } 55 } 56 fprintf(stderr, "%s","error: command not in suid whitelist!\n"); 57 return 1; 58 }