Collaborate Disseminate
So I need help figuring out a box when using sudo -l
root (NOPASSWD) /usr/bin/find /var/log/*.log
I tried everything. It doesnt matter any command you put afterwards. After *.log nothing else works. Like
sudo find /var/log/*.log -exec /bi… Continue reading Privilge escalation I have no clue [closed]
Of the five, one is a Windows vulnerability, another is a Cisco vulnerability. We don’t have any details about who is exploiting them, or how.
News article. Slashdot thread.
Continue reading CISA Identifies Five New Vulnerabilities Currently Being Exploited
Ransomware operators exploit a vulnerable Paragon driver in BYOVD attacks to elevate privileges to System.
The post Vulnerable Paragon Driver Exploited in Ransomware Attacks appeared first on SecurityWeek.
Continue reading Vulnerable Paragon Driver Exploited in Ransomware Attacks
If I am not wrong, Ubuntu 24.04.01 LTS has the "dirname" linux binary in a suid bit file with relative path, not absolute (which is a security issue due to that a user can change his "PATH" variable to use an own "… Continue reading relative path in suid binary – what prevents a local privilege escalation?
What could be the reason for potato exploits not being able to spawn a reverse shell?
OS: Microsoft Windows Server 2022 Standard
Build: 20348
Exploits tried: RoguePotato, SigmaPotato, GodPotato
What doesn’t work:
Spawning the reverse shel… Continue reading Potato exploits dont spawn reverse shell
I’m trying to understand SUID privilege escalation and I’m trying to recreate some issues.
But both all my scripts and binaries drop the SUID-Bit and get executed with the user with which I’m executing the them.
Therefore my question how c… Continue reading Ubuntu 24.04 and SUID
The SVR is conducting its targeting both specifically and broadly, the U.S. and U.K. cyber agencies said.
The post Agencies warn about Russian government hackers going after unpatched vulnerabilities appeared first on CyberScoop.
We had good discussions about it being safe or not five years ago, and it was defaulted to yes on the kernel way over 3 years ago (with a note calling anyone security conscious who disable it as paranoid)
So, was it exploited after all in … Continue reading Was Unpriviledged User Namespaces exploited since it started to default to YES?
Ubuntu snap is quite a hot topic. Therefore I am curious, what security risks are known for it?
Which misconfigurations are possible? And are there any misconfigurations which can be used to escalate to root user?
Continue reading Ubuntu – snap potential security issues (for privilege escalation)
Since I’m quite new to the whole topic of linux privilege escalation I’ve done a few courses in which usually the enumeration of services is mentioned with commands like:
ps aux
systemctl –type=service –state=running
But I wonder how do… Continue reading Linux Privilege Escalation – (running) Services [closed]