Capabilities

"Better" than SUID but vulnerable in the same way

What are Capabilities?

capabilities(7) - Linux manual pageman7.org
Capabilities man page

In short, "capability" is a "safer" version of SUID. However, it is still vulnerable in certain cases.

Enumeration

Search for capabilities:

Python Capabilities

Suppose /usr/bin/python2.6 has all capabilities:

Python capabilities

Spawn a root shell:

PreviousSUIDNextCron Jobs

Last updated

Was this helpful?