Compile malicious binary using vulnerable SUID

After identifying SUID binaries, we are able to compile and modify permissions of the binary to allow it to execute as root.
View Command

To view this TTPs command, you must be logged in with a professional or enterprise license.


Test this TTP

Download Operator (1.7.1)
Test this TTP using one of our Operator chains
GTsST Sandworm Team


Emulate Sandworm privileged persistence from a campaign targeting Centreon systems