@rafa_br34 2 ай бұрын
Helped me a bit to understand how the SUID bit works, but what would even be the reason to add the SUID bit to some executable?
@janb.9425 2 ай бұрын
Breaking news: Allowing users to execute a shell as root allows them to get a root shell
@zuberkariye2299 10 ай бұрын
Amazing Demo!
@tbone907 3 жыл бұрын
Great video! Thanks for sharing.
@ahmedamr1124 3 ай бұрын
Nice observation
@AmazingJayB51 3 жыл бұрын
can you block someone from using zsh?
@adebolama2686 2 жыл бұрын
At 8:54 when you typed zsh you were login as root that's why you have the # in your prompt and I guess that was why it didn't ask for permission you are running in root context not as an ordinary user
@hetsonii 2 жыл бұрын
He got the root zsh because SUID bit was set for zsh. If it wasn't the case, he would have got the non-root zsh. that's the whole point of SUID Vulnerabilities!
@creed404 Жыл бұрын
That’s the point he was trying to explain!
@Michael_Jackson187 7 ай бұрын
@@hetsoniiWhat admin in there right fucking mind would set the SUID on a fucking shell, there are some things that need to be run as root and you can use something like gtfobin to escape then and get a sh. i remember using man to privesc during the eJPTv2 exam, this would be a more practical way of privesc like finding out what is already allowed on the system to run as root for the user by typing sudo -l and heading over to gtfobins for example "man" sudo man man !/bin/sh
@Autonomous4kpsf 7 ай бұрын
What if u are not in sudoers group
@firsfnamelastname8490 Жыл бұрын
It’s not a vulnerability but a functionality
@creed404 Жыл бұрын
A functionality that leads to vulnerabilities like any functionality
@rafa_br34 2 ай бұрын
@@creed404 Just like TCP...
Кушать Хочу
Рет қаралды 7 МЛН
HackerSploit
Рет қаралды 31 М.
DexTutor
Рет қаралды 23 М.
Кушать Хочу
Рет қаралды 7 МЛН