Xorg X11 Server SUID modulepath Privilege Escalation

Posted by deepcore on October 23, 2019 – 10:40 am

This Metasploit module attempts to gain root privileges with SUID Xorg X11 server versions 1.19.0 up to 1.20.3. A permission check flaw exists for -modulepath and -logfile options when starting Xorg. This allows unprivileged users that can start the server the ability to elevate privileges and run arbitrary code under root privileges. This module has been tested with CentOS 7 (1708). CentOS default install will require console auth for the users session. Xorg must have SUID permissions and may not start if running. On successful exploitation artifacts will be created consistent with starting Xorg.

This post is under “exploit” and has no respond so far.
If you enjoy this article, make sure you subscribe to my RSS Feed.

Post a reply

You must be logged in to post a comment.

« [webapps] Joomla! 3.4.6 – Remote Code Execution (Metasploit) [local] Linux Polkit – pkexec helper PTRACE_TRACEME local root (Metasploit) »

:: Deepquest ::

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

Xorg X11 Server SUID modulepath Privilege Escalation

Post a reply

Tabs Switcher

Categories

Archives

Meta

BLOGROLL