Filesystem sharing

General idea

  1. Sharing a filesystem/file on the attacker machine that stores a malicious shellcode with SUID bit and root as the owner

  2. Mount the filesystem and execute the shellcode (with SUID bit persisted) to gain a root shell

Required conditions

However, multiple conditions must be met for this privilege escalation method to work (will not likely be met in most cases, unless system is badly configured). This will be discussed further in the respective sections.

Last updated