Vulnerability & Exploit Database

Back to search

Debian/Ubuntu ntfs-3g Local Privilege Escalation

ntfs-3g mount helper in Ubuntu 16.04, 16.10, Debian 7, 8, and possibly 9 does not properly sanitize the environment when executing modprobe. This can be abused to load a kernel module and execute a binary payload as the root user.

Free Metasploit Download

Get your copy of the world's leading penetration testing tool

 Download Now

Module Name

exploit/linux/local/ntfs3g_priv_esc

Authors

  • jannh <jannh [at] google.com>
  • h00die <mike [at] shorebreaksecurity.com>

References

Targets

  • Linux x86
  • Linux x64

Platforms

  • linux

Architectures

  • x86
  • x64
  • x86
  • x64

Reliability

Development

Module Options

To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':

msf > use exploit/linux/local/ntfs3g_priv_esc msf exploit(ntfs3g_priv_esc) > show targets ...targets... msf exploit(ntfs3g_priv_esc) > set TARGET <target-id> msf exploit(ntfs3g_priv_esc) > show options ...show and set options... msf exploit(ntfs3g_priv_esc) > exploit

Related Vulnerabilities