module
ptrace Sudo Token Privilege Escalation
| Disclosed |
|---|
| Mar 24, 2019 |
Disclosed
Mar 24, 2019
Description
This module attempts to gain root privileges by blindly injecting into
the session user's running shell processes and executing commands by
calling `system()`, in the hope that the process has valid cached sudo
tokens with root privileges.
The system must have gdb installed and permit ptrace.
This module has been tested successfully on:
Debian 9.8 (x64); and
CentOS 7.4.1708 (x64).
the session user's running shell processes and executing commands by
calling `system()`, in the hope that the process has valid cached sudo
tokens with root privileges.
The system must have gdb installed and permit ptrace.
This module has been tested successfully on:
Debian 9.8 (x64); and
CentOS 7.4.1708 (x64).
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.