First page Back Continue Last page Overview Graphics
Privilege Escalation
Incorrect ownership of sudo'ed files -› instant root!
- sudo: Allows mortals to execute stuff as the superuser
- Configuration file is edited with the command
- Example entry
- alex ALL = NOPASSWD: /root/scripts/adsl-up
SetUserID and SetGroupID programs
- # find / \( -perm -02000 -o -perm -04000 \) -ls > setXid
- Buffer Overflows
- Format String Vulnerabilities
Notes:
Privilege Escalation is, in a nutshell, the art of using your normal, restricted privileges, to get superuser privileges and thus complete control of the system.