While pivoting in a segmented network, you land in a restricted shell on an Ubuntu server where id returns uid=33(www-data). A quick enumeration shows /usr/bin/nmap has the SUID bit set and reports version 2.02 when run. What is the fastest way to escalate privileges on this host?
Invoke "nmap --privileged --script-upgrade" to append your account to /etc/sudoers.
Create a malicious NSE Lua script that spawns /bin/bash and execute it using "nmap --script".
Run "nmap -e eth0 --privileged" to open port 4444 and receive a reverse root shell.
Launch Nmap with "nmap --interactive" and type "!sh" inside the prompt to obtain a root shell.
Interactive mode was available in Nmap releases up to version 3.81. Because the host's copy of Nmap 2.02 is installed with the SUID bit, launching it with the --interactive flag runs the program as root. From the interactive prompt you can execute the built-in command "!sh" to spawn a root shell that inherits those elevated privileges. The other options are ineffective: NSE scripts refuse to run when Nmap detects SUID execution, the switch --script-upgrade does not exist, and using --privileged with an interface merely enables raw-socket scans without giving a shell or modifying sudoers.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the SUID bit in Linux?
Open an interactive chat with Bash
Why is Nmap's interactive mode related to privilege escalation?
Open an interactive chat with Bash
What are NSE scripts and why don’t they work in this scenario?
Open an interactive chat with Bash
Certified Ethical Hacker (CEH)
System Hacking Phases and Attack Techniques
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99 $11.99
$11.99/mo
Billed monthly, Cancel any time.
$19.99 after promotion ends
3 Month Pass
$44.99 $26.99
$8.99/mo
One time purchase of $26.99, Does not auto-renew.
$44.99 after promotion ends
Save $18!
MOST POPULAR
Annual Pass
$119.99 $71.99
$5.99/mo
One time purchase of $71.99, Does not auto-renew.
$119.99 after promotion ends
Save $48!
BEST DEAL
Lifetime Pass
$189.99 $113.99
One time purchase, Good for life.
Save $76!
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .