Exploiting SUID Executables

How to Find SUID Files
find / -perm -u=s -type f 2>/dev/null
find / -user root -perm -4000 -print 2>/dev/null
Common exploitable SUID executable
Nmap 
Vim 
find 
Bash 
More 
Less 
Nano 
cp
Resources
​Linux Privilege Escalation using SUID Binaries​
​https://pentestlab.blog/2017/09/25/suid-executables/​
​

Linux Post Exploitation - Previous

Checklist

Next - Linux Post Exploitation

Exploiting SUDO Users

Last modified 1yr ago