killchain-compendium/exploit/linux/sudo/tokens.md

15 lines
486 B
Markdown

# Reusing Sudo Token
* Reuse sudo token of currently logged in user
* [Hacktricks' site](https://book.hacktricks.xyz/linux-hardening/privilege-escalation#reusing-sudo-tokens)
* `ptrace` has to be fully enabled
```sh
cat /proc/sys/kernel/yama/ptrace_scope
0
```
* sudo has to be triggered the last 15 minutes, check `ps wuax`
* `gdb` has to be installed
* One must be logged in as the same user which should be owned
* Use [nongiach's exploit](https://github.com/nongiach/sudo_inject)