SetUID and SetGID

Secondary Categories: 02-Privilege Escalation

The SetUID is a unix flag that allows an executable to be run with the permissions of the file owner. The SetGID is the same concept, but with the permissions of the group.

-rwsr-sr-x 1 root root 122 May 14 22:25 thefile

Setting Permissions

#Change the setUID bit:
chmod u+s thefile
 
#Change the setGID bit:
chmod g+s thefile
 
#Change both the setUID and setGID bit:
chmod +s thefile

Searching for SetUID and SetGID Binaries

# Locate suid and sgid-enabled files for the current user
find / -perm -u=s -type f 2>/dev/null

Leveraging Unix Privileges

Once on a target system and you have identified binaries with setUID and setGID permissions we can potentially escalate our privileges by referencing GTFObins

Resources:

Title	URL
	https://attack.mitre.org/techniques/T1548/001
GTFObins	https://gtfobins.github.io/

Also Check Out:

PLACEHOLDER

The Void 🌌

Explorer

SetUID and SetGID

Setting Permissions

Searching for SetUID and SetGID Binaries

Leveraging Unix Privileges

Resources:

Also Check Out:

Graph View

Backlinks

Recent Blog Posts

No More Network Bottlenecks

Unmasking Secrets - Deciphering Encrypted Passwords through Reverse Engineering

Conquering Goliath as a CCDC Blue Teamer

Explorer

Table of Contents

Recent Blog Posts

No More Network Bottlenecks

Unmasking Secrets - Deciphering Encrypted Passwords through Reverse Engineering

Conquering Goliath as a CCDC Blue Teamer