Privilege escalation with setuid
What are setuid and setgid?
When set on an executable file, the setuid bit tells a UNIX system to run that program with the effective user ID of the file's owner rather than that of the user who launched it. Setgid is the same idea for the group: the process gets the effective group ID of the file's group. Linux ignores these bits on interpreted scripts (anything started through a `#!` line), so there they only matter for compiled binaries; some other UNIX systems do honour them on scripts.
If you want to know more about setuid or setgid (which we won't use here), read the Wikipedia article.
In this article we will write a small C program, mark it setuid root, and run it as a normal user; thanks to setuid it will spawn a shell for us (as root!).
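Here is the kind of program the article builds towards, as an added example (this is not the original article's code). It assumes the compiled binary is owned by root with mode 4755, that `/bin/sh` exists, and that the system honours the setuid bit on the filesystem the binary lives on; the helper names `special_bits`, `elevated_by_setuid` and `file_is_setuid_root` are mine.

```c
/* setuid_shell.c - added example, not the original article's program.
 *
 * Build:            gcc -Wall -Wextra -o setuid_shell setuid_shell.c
 * Install (as root): chown root:root setuid_shell && chmod 4755 setuid_shell
 *                    ls -l then shows "-rwsr-xr-x root root"; the 's' is the setuid bit
 * Run (any user):   ./setuid_shell       -> a "# " prompt; `id` reports uid=0(root)
 *
 * Assumptions: /bin/sh exists; the file is owned by root with mode 4755.
 */
#include <stdio.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/stat.h>

/* Decode the special permission bits of a file mode:
 * bit 0 of the result = setuid (S_ISUID, 04000), bit 1 = setgid (S_ISGID, 02000). */
int special_bits(mode_t mode)
{
    int r = 0;
    if (mode & S_ISUID) r |= 1;
    if (mode & S_ISGID) r |= 2;
    return r;
}

/* True when the process got root only through the setuid bit:
 * the real UID is still the caller's, the effective UID is 0. */
int elevated_by_setuid(uid_t ruid, uid_t euid)
{
    return euid == 0 && ruid != 0;
}

/* Check an on-disk file: 1 if it is setuid and owned by root, 0 if not, -1 on error. */
int file_is_setuid_root(const char *path)
{
    struct stat st;
    if (stat(path, &st) != 0)
        return -1;
    return (st.st_mode & S_ISUID) && st.st_uid == 0;
}

int main(void)
{
    uid_t ruid = getuid(), euid = geteuid();
    printf("real uid=%u effective uid=%u\n", (unsigned)ruid, (unsigned)euid);

    if (euid != 0) {
        fprintf(stderr, "effective uid is not 0: the binary is not setuid root "
                        "(chown root:root and chmod 4755 it, as root)\n");
        return 1;
    }
    if (elevated_by_setuid(ruid, euid))
        puts("running with root privileges borrowed via the setuid bit");

    /* Copy the effective privilege into all three IDs (real, effective, saved).
     * Without this, bash notices euid != uid and drops back to the real UID
     * unless started with -p; with ruid == euid == 0 every shell keeps root. */
    if (setgid(0) != 0 || setuid(0) != 0) {
        perror("setuid/setgid");
        return 1;
    }

    execl("/bin/sh", "sh", (char *)NULL);   /* only returns on failure */
    perror("execl");
    return 1;
}
```

The `setgid(0)` / `setuid(0)` calls before `execl` are the part people forget: with only the effective UID raised, bash silently gives the privilege back, so the shell appears not to be root. Two practical checks before blaming the code: `ls -l` must show `rws` in the owner column with root as owner (the bit is lost if a non-root user copies or edits the file), and the filesystem must not be mounted `nosuid`, which makes the kernel ignore the bit entirely.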