I have a quick question about using PATH variables to escalate priveleges. In this THM lab, after searching for SUID programs, there is a program that could run as root privileges called /usr/bin/menu. The programs consists of 3 functions which is curl, uname, ifconfig.
I had to manipulate the curl variable to be able to run a shell as root. I understand the process for the most part, but what I do not get is why I have to manipulate the variable in the /tmp folder.
So my question is why do I need to be in the tmp folder to manipulate the variable and do I have to be in the tmp folder everytime I want to manipulate a variable?
[link] [comments]
from hacking: security in practice https://ift.tt/RPwfAY2
Comments
Post a Comment