Screen
If screen is running as SUID you can look for a dettached session and use it to escalate privileges, first run the following command:
1
ps -aux | grep screen
If there is indeed a screen command being executed, then in order to get the session as the user executing run the following command:
1
screen -r <name of the session>/
Examples: Backdoor