Linux Privesc Playground
All the files with SUID bit set that belong to root:
All the binaries that can be exploited in the list above:
arp
cut
base64
tail
ul
shuf
php
openssl
file
tclsh
env
diff
strace
rlwrap
expand
fold
vim
vim /root/flag.txt
getting a shell
xargs
getting a shell
timeout
expect
jq
readelf
ionice
time
unshare
taskset
emacs
emacs /root/flag.txt
getting a shell
emacs -Q -nw --eval '(term "/bin/sh")'
flock
xxd
setarch
python
getting shell
uniq
sort
head
stdbuf
nl
find
getting shell
rsync
pg
getting shell
fmt
nice
od
gdb
unexpand
start-stop-daemon
sed
getting shell
logsave
dash
cp
ksh
getting shell
bash
more
ip
cat
zsh
less
less /root/flag.txt
dd
grep
run-parts
date
Last updated