<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Setuid on LEIKAH</title><link>https://leikah.haoyingcao.xyz/en/tags/setuid/</link><description>Recent content in Setuid on LEIKAH</description><generator>Hugo</generator><language>en</language><atom:link href="https://leikah.haoyingcao.xyz/en/tags/setuid/index.xml" rel="self" type="application/rss+xml"/><item><title>setuid</title><link>https://leikah.haoyingcao.xyz/en/docs/priv_esc/linux/permission/suid/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://leikah.haoyingcao.xyz/en/docs/priv_esc/linux/permission/suid/</guid><description>&lt;p&gt;The &lt;strong&gt;Set User IP upon Execution (setuid)&lt;/strong&gt; permission can allow a user to execute a program or script with the permission of another user, typically with elevated privileges.&lt;/p&gt;
&lt;p&gt;We may use the following command to find &lt;code&gt;setuid&lt;/code&gt; files owned by root. Note that setuid executables will be marked with &lt;code&gt;s&lt;/code&gt;.&lt;/p&gt;
&lt;div class="highlight"&gt;&lt;pre tabindex="0" style="color:#d8dee9;background-color:#2e3440;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"&gt;&lt;code class="language-bash" data-lang="bash"&gt;&lt;span style="display:flex;"&gt;&lt;span&gt;find / -user root -perm -4000 -exec ls -ldb &lt;span style="color:#81a1c1"&gt;{}&lt;/span&gt; &lt;span style="color:#ebcb8b"&gt;\;&lt;/span&gt; 2&amp;gt;/dev/null
&lt;/span&gt;&lt;/span&gt;&lt;/code&gt;&lt;/pre&gt;&lt;/div&gt;&lt;p&gt;If one of the executables listed above allows command to be executed, it can be leveraged for privilege escalation and execute commands as root.&lt;/p&gt;</description></item></channel></rss>