Add "`setuid` and `setgid`" technique (T1166)

[**T1166**](https://attack.mitre.org/techniques/T1166/)

`setuid` or `setgid` bits are set on Linux so that the application will run with the privileges of the owning user or group respectively, instead of the user or the group of the user launching it.  
Adversaries can use this to either do a shell escape or exploit a vulnerability in an application with the `setuid` or `setgid` bits to get code running in a different user’s context.

**Adding it as  PBA:**
\- *LINUX*: try modifying file permissions using `chown` and `chmod`; see [this](https://github.com/redcanaryco/atomic-red-team/blob/master/atomics/T1548.001/T1548.001.md#atomic-test-2---set-a-setuid-flag-on-file) and [this](https://github.com/redcanaryco/atomic-red-team/blob/master/atomics/T1548.001/T1548.001.md#atomic-test-3---set-a-setgid-flag-on-file)
\- *WINDOWS*: not applicable

[**Mapping the technique to the ATT&CK matrix**](https://github.com/shreyamalviya/monkey/blob/guide-to-add-attack-technique/monkey/Adding-a-new-attack-technique.md)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Add "`setuid` and `setgid`" technique (T1166) #702

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Add "setuid and setgid" technique (T1166) #702

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions

Add "`setuid` and `setgid`" technique (T1166) #702