Collaborate Disseminate
I’m trying to understand SUID privilege escalation and I’m trying to recreate some issues.
But both all my scripts and binaries drop the SUID-Bit and get executed with the user with which I’m executing the them.
Therefore my question how c… Continue reading Ubuntu 24.04 and SUID
The SVR is conducting its targeting both specifically and broadly, the U.S. and U.K. cyber agencies said.
The post Agencies warn about Russian government hackers going after unpatched vulnerabilities appeared first on CyberScoop.
We had good discussions about it being safe or not five years ago, and it was defaulted to yes on the kernel way over 3 years ago (with a note calling anyone security conscious who disable it as paranoid)
So, was it exploited after all in … Continue reading Was Unpriviledged User Namespaces exploited since it started to default to YES?
Ubuntu snap is quite a hot topic. Therefore I am curious, what security risks are known for it?
Which misconfigurations are possible? And are there any misconfigurations which can be used to escalate to root user?
Continue reading Ubuntu – snap potential security issues (for privilege escalation)
Since I’m quite new to the whole topic of linux privilege escalation I’ve done a few courses in which usually the enumeration of services is mentioned with commands like:
ps aux
systemctl –type=service –state=running
But I wonder how do… Continue reading Linux Privilege Escalation – (running) Services [closed]
I am learning about interacting with Kerberos from a programming standpoint and have been recreating some of Rubeus’s functions as a way of learning (because what better open source program is there that deals with Kerberos and tickets). O… Continue reading Administrator escalating to SYSTEM in the normal course of things
I am sure others have analyzed this scenario before, but I cannot find a source.
Assume:
Attacker has an account on the system
Victim has an account on the system
Victim runs MyProg
There is a bug in MyProg: It creates a temporary file, b… Continue reading Is privilege escalation possible if Attacker can force Victim to write to symlink set by Attacker?
I, as Administrator, tried to assign Backup privileges to a sample user via secedit command…
cmd> secedit /export /cfg config.inf
It exported the contents of Local Security Policy (LSP) database to the newly created "config.inf&q… Continue reading Low level privilege assignment using Secedit failed
I’m stuck on a CTF exercise that has been quite difficult to get a grasp of. I have access to a server as a user. On this server, there’s only root other than me. I am supposed to access a file in root where I have no permissions or read t… Continue reading CTF assistance on linux privilege escape [closed]
I am not very skilled at linux and besides reading about clone and unshare I would love to have some second opinion on the situation:
The setup
A process I intend to run is an automated "chrome service" that visits sites. These s… Continue reading Is a docker container that requires "clone" and "unshare" syscalls of any use?