Path exploits

Become root on Linux using path:

  1. Search for files with incorrectly installed authorities that are on PATH

  2. Change PATH

  3. Use script or program

Example

  1. What folders are located under $PATH?

$ echo $PATH

  1. Does current user have write privileges for any of these folders?

find / -writable 2>/dev/null | cut -d "/" -f 2,3 | grep -v proc | sort

  1. Can $PATH be modified?

  2. Is there a script/application that will be affected by this vulnerability?

Notes

Not really exploit usage, but based on files with incorrectly installed authorities.