Wildcard Expansion Exploitation

Hi and welcome to this new video! In this video we continue the "Linux Privilege Escalation" series. This time the focus will be on an exploitation technique known as "wildcard expansion". This technique is useful anytime we have a command that implements some sort of expansion functionality, like for example when wildcards characters are used within the linux shell (sh or bash). I hope you find it helpful, and I would appreciate if you leave your feedback down in the comments, and share this series with like-minded people. Thank you very much! ------------------------- TIMESTAMP 00:00 Introduction 01:20 Shell wildcards 08:30 Why wildcards can be dangerous? 10:50 Scenario 1 – tar 17:45 Scenario 2 – find 24:12 Scenario 3 – rsync 28:52 Conclusion ------------------------- REFERENCES - Material: https://github.com/LeonardoE95/yt-en/tree/main/src/2024-07-15-linux-privesc-wildcard-expansion-exploitation ------------------------- CONTACTS - Blog: https://blog.leonardotamiano.xyz/ - Github: https://github.com/LeonardoE95?tab=repositories - Support: https://www.paypal.com/donate/?hosted_button_id=T49GUPRXALYTQ