module
ZPanel zsudo Local Privilege Escalation Exploit
| Disclosed | Created |
|---|---|
| 2013-06-07 | 2018-05-30 |
Disclosed
2013-06-07
Created
2018-05-30
Description
This module abuses the zsudo binary, installed with zpanel, to escalate
privileges. In order to work, a session with access to zsudo on the sudoers
configuration is needed. This module is useful for post exploitation of ZPanel
vulnerabilities, where typically web server privileges are acquired, and this
user is allowed to execute zsudo on the sudoers file.
privileges. In order to work, a session with access to zsudo on the sudoers
configuration is needed. This module is useful for post exploitation of ZPanel
vulnerabilities, where typically web server privileges are acquired, and this
user is allowed to execute zsudo on the sudoers file.
Authors
sinn3r sinn3r@metasploit.com
juan vazquez juan.vazquez@metasploit.com
juan vazquez juan.vazquez@metasploit.com
Platform
Linux,Unix
Architectures
cmd, x86
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands ‘show options’ or ‘show advanced’:
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.