Looks interesting for testing local server security. A useful feature to add mig... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		Deukhoofd on Feb 22, 2021 \| parent \| context \| favorite \| on: Traitor: Linux privilege escalation made easy Looks interesting for testing local server security. A useful feature to add might be a link to an explanation of the exploited vulnerability, and how to resolve it.

tyingq on Feb 22, 2021 [–]

Sounds like a good suggestion. In the meantime...

It looks like there's basically 2 types of local privilege exploits used.

https://github.com/liamg/traitor/tree/main/pkg/exploits

1) Writeable Docker Socket: https://www.exploit-db.com/exploits/42356

2) GTFObins: https://gtfobins.github.io/

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact