Exploiting SUID Executables

How to Find SUID Files

find / -perm -u=s -type f 2>/dev/null
find / -user root -perm -4000 -print 2>/dev/null

Common exploitable SUID executable

  • Nmap

  • Vim

  • find

  • Bash

  • More

  • Less

  • Nano

  • cp

Resources

PreviousChecklistNextExploiting SUDO Users

Last updated