module

JCL to Escalate Privileges

Try Surface Command
Back to search
Disclosed
N/A
Created
May 30, 2018

Description

Elevate privileges for user. Adds
SYSTEM SPECIAL and BPX.SUPERUSER to user profile. Does this by using
an unsecured/updateable APF authorized library (APFLIB) and updating
the user's ACEE using this program/library. Note: This privesc only
works with z/OS systems using RACF, no other ESM is supported.

Authors

Bigendian Smalls
Ayoub

Platform

Mainframe

Architectures

cmd

References

Module Options

To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':


    msf > use payload/cmd/mainframe/apf_privesc_jcl
    msf payload(apf_privesc_jcl) > show actions
        ...actions...
    msf payload(apf_privesc_jcl) > set ACTION < action-name >
    msf payload(apf_privesc_jcl) > show options
        ...show and set options...
    msf payload(apf_privesc_jcl) > run
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today