Locked Exploits blueman set_dhcp_handler D-Bus Privilege Escalation

[1337day-Exploits]

This Metasploit module attempts to gain root privileges by exploiting a Python code injection vulnerability in blueman versions prior to 2.0.3. The org.blueman.Mechanism.EnableNetwork D-Bus interface exposes the set_dhcp_handler function which uses user input in a call to eval, without sanitization, resulting in arbitrary code execution as root. This module has been tested successfully with blueman version 1.23 on Debian 8 Jessie (x64).

This is the hidden content, please

• Sign In
• or
• Sign Up