particularly interesting solution.
We need to do what our chmod file can do, but we also need permission to do it. To put this
another way, our end goal is a file that can do what chmod can do, but that has the permissions
of another file, such as ls.
We’ll start by making a copy of a file that we know has the permission set we need. Since we
checked the ls command earlier, let’s copy that file into a new file named chmodfix.
kali@kali:~$
cp /usr/bin/ls chmodfix kali@kali:~$
ls -l chmodfix -rwxr-xr-x 1 kali kali 147176 Jun 8 08:16 chmodfix
Listing 19 - Copying a file with cp. Our new chmodfix file has the same permissions as the file we copied. This is a promising start.
The new chmodfix file is a perfect copy of ls. It can be run in the same way as ls, can use the
same options, and so on. In other words, anywhere we would have used ls, we can use this
instead. Let’s try running it on itself.
kali@kali:~$
./chmodfix -l chmodfix -rwxr-xr-x 1 kali kali 147176 Jun 8 08:16 chmodfix
Listing 20 - Anything ls can do, chmodfix can do. The output is the same as before. This is progress!
Since the only thing that seems to be “broken” with our chmod file is the permissions (as far as
we know, the contents of the file itself are fine), let’s try to copy only the contents of the file and
not the permissions. In other words, we only need the contents of the file - not the entire thing.
Since we know that cp will copy the entire file, we can’t use that approach. The
cat command
161
is
often used to show the contents of a file, so we will use that. Instead of just sending the contents
of the file to display in the terminal window, we can use the “>” character to send them into our
chmodfix
file.
First, we’ll run ls -l so that we can easily confirm whether or not the file contents change.
kali@kali:~$