Retrieves all the files in the target system that are setuid enabled.: Detect backdoor binaries (attacker may drop a copy of /bin/sh). Find potential elevation points / vulnerabilities in the standard build.
Query:
select * from suid_bin;Additional Query Info:
Version: 1.4.5
Platform: posix
Interval: 3600
JSON:
{ "queries": { "suid_bin": { "query" : "select * from suid_bin;", "interval" : "3600", "platform" : "posix", "version": "1.4.5", "description" : "Retrieves all the files in the target system that are setuid enabled.", "value" : "Detect backdoor binaries (attacker may drop a copy of /bin/sh). Find potential elevation points / vulnerabilities in the standard build." } } }