presto

presto copied to clipboard

Presto changes the real/effective uid of any running process to a user specified value.

At first I created this as an 'proof of concept' that write access to /dev/kmem is enough to get root. Some people refuse to belive anything until they see it. And it was fun to write.

After I wrote it, i found it very handy for situations where I vi a file in /etc, and when I want to save my changes, I notice that I wasn't root, so I'm not allowed to write to it.

With presto you can just promote the vi to root with presto and easily save your changes. If you use 'sudo' it is as simple as ':!sudo presto' from inside vi, the default parameters just do the right thing in this case.

Presto only runs on FreeBSD (i386/amd64) at the moment -- sorry. Linux is far too different to port this there. It should be possible to run it on Net/OpenBSD too. You might want to take a look at the *.diff files to see the relevant tricks.

This version now runs up to FreeBSD-9.1.

Switches: -M /dev/kmem speciefies an alternate location for an writable kmem -p pid which process to modify, default = ppid i.e. the shell you call it from -u uid uid to change to, default = 0 -e uid Only change effective-uid (does not show in ps) -d print some debugging stuff -h short help

Please note that due to "credential sharing" you might also affect the uid of your parent process or your children, so it might be best to set your uid back after use ;)

CU & have fun Stefan Sec Zehl [email protected]