module
ktsuss suid Privilege Escalation
| Disclosed | Created |
|---|---|
| Aug 13, 2011 | Sep 3, 2019 |
Disclosed
Aug 13, 2011
Created
Sep 3, 2019
Description
This module attempts to gain root privileges by exploiting
a vulnerability in ktsuss versions 1.4 and prior.
The ktsuss executable is setuid root and does not drop
privileges prior to executing user specified commands,
resulting in command execution with root privileges.
This module has been tested successfully on:
ktsuss 1.3 on SparkyLinux 6 (2019.08) (LXQT) (x64); and
ktsuss 1.3 on SparkyLinux 5.8 (LXQT) (x64).
a vulnerability in ktsuss versions 1.4 and prior.
The ktsuss executable is setuid root and does not drop
privileges prior to executing user specified commands,
resulting in command execution with root privileges.
This module has been tested successfully on:
ktsuss 1.3 on SparkyLinux 6 (2019.08) (LXQT) (x64); and
ktsuss 1.3 on SparkyLinux 5.8 (LXQT) (x64).
Authors
John Lightsey
bcoles bcoles@gmail.com
bcoles bcoles@gmail.com
Platform
Linux
Architectures
x86, x64, armle, aarch64, ppc, mipsle, mipsbe
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.