Skip to content

Commit a267adc

Browse files
author
David Davidson
authored
Update README.md
1 parent 277010f commit a267adc

File tree

1 file changed

+13
-1
lines changed

1 file changed

+13
-1
lines changed

screen2root/README.md

Lines changed: 13 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1 +1,13 @@
1-
## screen2root
1+
# screen2root
2+
3+
## TL;DR
4+
On systems where screen is version 4.5.0 (Screen version 4.05.00 (GNU) 10-Dec-16), and setuid root, you can use it to create arbritary files with root permissions containing arbritary content.
5+
6+
This PoC creates an /etc/ld.so.preload file pointing to a library that creates a setuid root shell and then calls screen again to trigger it.
7+
8+
TL;DR you get root.
9+
10+
Original bug report is [here](https://lists.gnu.org/archive/html/screen-devel/2017-01/msg00025.html)
11+
12+
## Screenshot
13+
[![lol](https://raw.githubusercontent.com/XiphosResearch/exploits/master/screen2root/screen2root.png)]

0 commit comments

Comments
 (0)