Professionally Evil Blog
A blog by experts of penetration testing and other security assessments.
Privilege Escalation via File Descriptors in Privileged Binaries
Today I wanted to cover an application security topic that applies to SetUID binaries. As we all know, making a mistake in a SetUID binary will lead to privilege escalation. Today’s topic is about SetUID binaries that drop privileges, but leave a file they opened, well, opened. This creates ...Learn more