module
Android 'su' Privilege Escalation
| Disclosed | Created |
|---|---|
| 2017-08-31 | 2019-03-19 |
Disclosed
2017-08-31
Created
2019-03-19
Description
This module uses the su binary present on rooted devices to run
a payload as root.
A rooted Android device will contain a su binary (often linked with
an application) that allows the user to run commands as root.
This module will use the su binary to execute a command stager
as root. The command stager will write a payload binary to a
temporary directory, make it executable, execute it in the background,
and finally delete the executable.
On most devices the su binary will pop-up a prompt on the device
asking the user for permission.
a payload as root.
A rooted Android device will contain a su binary (often linked with
an application) that allows the user to run commands as root.
This module will use the su binary to execute a command stager
as root. The command stager will write a payload binary to a
temporary directory, make it executable, execute it in the background,
and finally delete the executable.
On most devices the su binary will pop-up a prompt on the device
asking the user for permission.
Author
timwr
Platform
Android,Linux
Architectures
aarch64, armle, x86, x64, mipsle
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands ‘show options’ or ‘show advanced’:
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.