Linux Permission Vulnerabilities - Robertsegee/SEC335 GitHub Wiki

In this lab we focused on utilizing linux permissions to do a variety of tasks such as finding and executing files. The first step was to create a simple C program which displayed who ran the file. The way in which we were able to make it execute as root was to change the group and user that owns it with the chown command. We also did chmod u+s to the file to change the permissions of the file. This would then execute the file as root even when ran as a normal user. The next step of the lab was to locate files with certain permissions. This was done using the following command;
find / -perm -u=s -type f 2>/dev/null
The next step was similar but we needed to find world writeable files on a system, the command is as follows:
find / -perm -o+w -type f 2>/dev/null