:arrow_up: :skull_and_crossbones: :fire: Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock
I'll do this tomorrow - I guess I need a mechanism to build precompiled shared objects into the traitor binary, I don't like having to rely on a c compiler existing on the target.
Another privesc using polkit
https://seclists.org/oss-sec/2022/q1/80