Skip to content

Add "setuid and setgid" technique (T1166) #702

New issue
New issue
Closed
#713
Closed
Add "setuid and setgid" technique (T1166)#702
#713
Assignees
shreyamalviya
Labels
FeatureIssue that describes a new feature to be implemented.
@shreyamalviya

Description

@shreyamalviya
shreyamalviya
opened on Jul 2, 2020

T1166

setuid or setgid bits are set on Linux so that the application will run with the privileges of the owning user or group respectively, instead of the user or the group of the user launching it.
Adversaries can use this to either do a shell escape or exploit a vulnerability in an application with the setuid or setgid bits to get code running in a different user’s context.

Adding it as PBA:
- LINUX: try modifying file permissions using chown and chmod; see this and this
- WINDOWS: not applicable

Mapping the technique to the ATT&CK matrix

Metadata

Metadata

Assignees

Labels

FeatureIssue that describes a new feature to be implemented.

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions