Gaining access to a system is always exciting, but where do you go from there? Root or bust. Sure, a compromised host is a great way to run a botnet, or do some other boring, nefarious thing—but as hackers, we want root. We also want to take the easiest path possible, search out low-hanging fruit, and exploit them. SUID programs are the lowest of the low-hanging fruit.

In this article, we will be using the Linux find command to search for SUID (set user identification) programs to escalate our privilege level. An SUID bit is a special permission in Linux that allows a program to run as the… more


Go to Source

 

Comments are closed.