Linux SUID Vulnerability Demonstration
Рет қаралды 7,790
Күн бұрын
@rafa_br34 5 ай бұрын
Helped me a bit to understand how the SUID bit works, but what would even be the reason to add the SUID bit to some executable?
@odinalfather6494 17 күн бұрын
amazing, I love you
@zuberkariye2299 Жыл бұрын
Amazing Demo!
@tbone907 4 жыл бұрын
Great video! Thanks for sharing.
@janb.9425 5 ай бұрын
Breaking news: Allowing users to execute a shell as root allows them to get a root shell
@ahmedamr1124 6 ай бұрын
Nice observation
@adebolama2686 3 жыл бұрын
At 8:54 when you typed zsh you were login as root that's why you have the # in your prompt and I guess that was why it didn't ask for permission you are running in root context not as an ordinary user
@hetsonii 2 жыл бұрын
He got the root zsh because SUID bit was set for zsh. If it wasn't the case, he would have got the non-root zsh. that's the whole point of SUID Vulnerabilities!
@creed404 Жыл бұрын
That’s the point he was trying to explain!
@Michael_Jackson187 10 ай бұрын
@@hetsoniiWhat admin in there right fucking mind would set the SUID on a fucking shell, there are some things that need to be run as root and you can use something like gtfobin to escape then and get a sh. i remember using man to privesc during the eJPTv2 exam, this would be a more practical way of privesc like finding out what is already allowed on the system to run as root for the user by typing sudo -l and heading over to gtfobins for example "man" sudo man man !/bin/sh
@AmazingJayB51 3 жыл бұрын
can you block someone from using zsh?
@BETTER_WAY_FORWARD_60 10 ай бұрын
What if u are not in sudoers group
@firsfnamelastname8490 2 жыл бұрын
It’s not a vulnerability but a functionality
@creed404 Жыл бұрын
A functionality that leads to vulnerabilities like any functionality
@rafa_br34 5 ай бұрын
@@creed404 Just like TCP...
HackerSploit
Рет қаралды 34 М.
DexTutor
Рет қаралды 26 М.