1) Through sudo find out executable applications:
$ sudo -l
After that, pinpoit the resolution at https://gtfobins.github.io/
2) Seek SUID and SGID:
$ find / -perm -4000 -o -perm -2000 -type f 2>/dev/null
Exploitation is located at https://gtfobins.github.io/#+suid
No comments:
Post a Comment