Add check for nosuid

rapid7 · Jan 9, 2025 · 23db148 · 23db148
1 parent af462f7
commit 23db148
Showing 1 changed file with 5 additions and 0 deletions.
diff --git a/modules/exploits/linux/local/runc_cwd_priv_esc.rb b/modules/exploits/linux/local/runc_cwd_priv_esc.rb
@@ -169,6 +169,11 @@ def exploit
       fail_with(Failure::BadConfig, "#{base_dir} is not writable")
     end
 
+    # Make sure we can execute our payload as root
+    if nosuid?(base_dir)
+      fail_with(Failure::BadConfig, "#{base_dir} is mounted nosuid")
+    end
+
     # create directory to write all our files to
     dir = "#{base_dir}/.#{rand_text_alphanumeric(5..10)}"
     mkdir(dir)