this post was submitted on 03 Oct 2023
3 points (100.0% liked)

appsec

335 readers
1 users here now

A community for all things related to application security.

founded 2 years ago
MODERATORS
laszlok@infosec.pub
3
root with a single command: sudo logrotate (joshua.hu)
submitted 1 year ago by fuckReddit@infosec.pub to c/appsec@infosec.pub
0 comments fedilink hide all child comments
 

The scenario is this: a brand new Ubuntu 22.04 server has an account which is restricted to running sudo logrotate *. Can we get root? Short answer: Yes. I couldn’t find much online about this type of exploitation of logrotate, so let’s document something for future use.

no comments (yet)
sorted by: hot top controversial new old
there doesn't seem to be anything here