← Back to search

Find SUID Binaries for Privilege Escalation

privesclinuxtool

Summary

Enumerates SUID binaries on a Linux host; misconfigured or known-exploitable SUID files (see GTFOBins) can be abused to escalate to root.

Walkthrough

SUID binaries run with their owner's privileges. Listing them is a core Linux privesc step — compare the results against GTFOBins for known escalation paths.

Steps

  1. Find all SUID files on the system:

``bash find / -perm -4000 -type f 2>/dev/null ``

  1. Narrow to root-owned SUID binaries with a detailed listing:

``bash find / -user root -type f -perm -4000 -ls 2>/dev/null ``

Commands

bash

find / -perm -4000 -type f 2>/dev/null
find / -user root -type f -perm -4000 -ls 2>/dev/null