Sudo Screen Privilege Escalation

Sudo screen command might be vulnerable to privilege escalation (PrivEsc)

Investigation

sudo -l

(root) /usr/bin/screen -r testsession
Copied!

If we can execute "screen" command as root, we can spawn a root shell from the screen session.

Exploitation

First execute "screen" command as root, then a screen session will be start. Now we can spawn a root shell by pressing “Ctrl+a+c” in the screen session.

PreviousSudo Reboot Privilege Escalation NextSudo Service Privilege Escalation

Last updated 1 year ago