Hackfest 2024 - 16-bit Edition

Elliot Ward

Elliot is a senior security researcher at software security company Snyk. He has a background in software engineering and application security. He also enjoys craft beer and, when not hacking, can be found skateboarding or snowboarding in the Swiss Alps.


Which country are you from?

Switzerland


Talk

Oct. 12
15:30
50 minutes
Leveraging Features for Privilege Escalation in Ubuntu 24.04
Elliot Ward

In this session, we explore a unique approach to privilege escalation in Ubuntu 24.04 by leveraging system features rather than relying solely on traditional vulnerabilities. Our research began with an investigation into Ubuntu's privilege boundaries, focusing on DBus and its interaction with the cups printing system. Through a series of methodical steps, we uncovered a way to escalate privileges from a standard user to root by chaining together minor bugs and existing features.

Our journey highlights the importance of understanding system components and their interactions. By exploiting the configurations within the cups service and bypassing AppArmor restrictions, we achieved arbitrary command execution, ultimately gaining root access through the wpa_supplicant service.

This talk emphasizes the significance of a holistic approach to security research, demonstrating how combining knowledge of system features can lead to successful exploitation. Attendees will gain insights into advanced privilege escalation techniques and the critical role of comprehensive system analysis in identifying security risks.

Offensive
Track 2 (206a)