From Cobalt Cassowary, 4 Years ago, written in Plain Text.
Embed
  1. #include <unistd.h>
  2. #include <stdio.h>
  3. #include <sys/capability.h>
  4.  
  5. int main(int argc, char **argv)
  6. {
  7.   struct __user_cap_header_struct capheader;
  8.   struct __user_cap_data_struct capdata[2];
  9.   char *newargv[] = { NULL, "hello", "world", NULL };
  10.   char *newenviron[] = { NULL };
  11.   printf("running as uid %d\n", getuid());
  12.  
  13.  
  14.   memset(&capheader, 0, sizeof(capheader));
  15.   memset(&capdata, 0, sizeof(capdata));
  16.   capheader.version = _LINUX_CAPABILITY_VERSION_3;
  17.   capdata[CAP_TO_INDEX(CAP_SETUID)].effective |= CAP_TO_MASK(CAP_SETUID);
  18.   capdata[CAP_TO_INDEX(CAP_SETGID)].effective |= CAP_TO_MASK(CAP_SETGID);
  19.   capdata[CAP_TO_INDEX(CAP_SETUID)].permitted |= CAP_TO_MASK(CAP_SETUID);
  20.   capdata[CAP_TO_INDEX(CAP_SETGID)].permitted |= CAP_TO_MASK(CAP_SETGID);
  21.   if (capset(&capheader, &capdata[0]) < 0) {
  22.     printf("Could not set capabilities: %s\n", strerror(errno));
  23.   }
  24.  
  25.   if(setresgid(0,0,0) || setresuid(0,0,0)) {
  26.     printf("setresgid/setresuid failed\n");
  27.   }
  28.   RUN SCRIPT HERE - WITH SOMETHING
  29.   return 0;
  30. }
  31.