SUID Screen Exploitation
Post

SUID Screen Exploitation

Screen

If screen is running as SUID you can look for a dettached session and use it to escalate privileges, first run the following command:

1
ps -aux | grep screen

If there is indeed a screen command being executed, then in order to get the session as the user executing run the following command:

1
screen -r <name of the session>/

Examples: Backdoor