ptrace Sudo Token Privilege Escalation
Posted by deepcore on September 3, 2019 – 2:07 am
This Metasploit module attempts to gain root privileges by blindly injecting into the session user’s running shell processes and executing commands by calling system(), in the hope that the process has valid cached sudo tokens with root privileges. The system must have gdb installed and permit ptrace. This module has been tested successfully on Debian 9.8 (x64) and CentOS 7.4.1708 (x64).
Post a reply
You must be logged in to post a comment.