1
00:00:01,530 --> 00:00:06,230
All right, guys, now in this video, we'll be talking about the special operations in Iraq.

2
00:00:07,260 --> 00:00:11,610
First, I will start with an example in order to have the better understanding.

3
00:00:12,030 --> 00:00:20,460
So was I am working in a company and I have a binary to the binary that I was.

4
00:00:21,480 --> 00:00:28,760
So in order to execute that binary, it asks the sort of permissions that means I need to run additional

5
00:00:28,860 --> 00:00:29,430
permissions.

6
00:00:29,730 --> 00:00:37,560
So what I do is I go to administrator or administrator in the company and he will come to my desktop

7
00:00:37,560 --> 00:00:41,430
computer and he will have the password and he will run the electrical work.

8
00:00:41,670 --> 00:00:42,570
OK, that's fine.

9
00:00:42,900 --> 00:00:46,140
So what if I want to use that binary so many times?

10
00:00:46,140 --> 00:00:47,730
Like 10 times, 15 times.

11
00:00:47,940 --> 00:00:54,510
So every time he wants to come to my desktop and computer for security purposes.

12
00:00:55,080 --> 00:00:57,270
So in order to prevent that.

13
00:00:59,380 --> 00:01:07,840
Time wasted, what a shelter does is he said some special bits on that binary so that anyone running

14
00:01:07,840 --> 00:01:13,020
that Bernadi will can run and as that user.

15
00:01:13,600 --> 00:01:18,100
So you've got to set some permissions on that binary.

16
00:01:18,100 --> 00:01:23,100
And if I'm running that binary, that binary will automatically run as a route user.

17
00:01:23,530 --> 00:01:25,050
So I will explain it.

18
00:01:25,810 --> 00:01:34,180
So I type a Lespinasse cell to display all the files in order to know I'm going to say that.

19
00:01:35,770 --> 00:01:46,690
Fight that system, so I'm going I have created the template, right, so that information is are right

20
00:01:46,690 --> 00:01:50,200
for my user and the Read-Only for others.

21
00:01:51,070 --> 00:02:01,290
I know what I want to do is to change this part of the time, to set this special card user.

22
00:02:01,930 --> 00:02:10,440
And this will set the executable for the user as s so that we have the S.H. Marchman.

23
00:02:10,720 --> 00:02:11,710
Or do you want to lose?

24
00:02:11,710 --> 00:02:16,330
You need to type secret model and you need to say you press.

25
00:02:16,570 --> 00:02:20,170
That means we are keeping the user with you process.

26
00:02:20,590 --> 00:02:23,640
So we are making that user as it should be.

27
00:02:25,120 --> 00:02:26,800
We are setting the user ready.

28
00:02:28,320 --> 00:02:33,390
So for user permissions, you need to set down idea and I want to come.

29
00:02:35,550 --> 00:02:39,420
So if I share my concern, as you can see, there is a capitalis.

30
00:02:39,840 --> 00:02:48,150
So this captor's indicates that our binary is not a adequate but the user I.D., which has been said.

31
00:02:48,420 --> 00:02:54,030
So to make it executable, we need to see it more.

32
00:02:55,860 --> 00:03:02,290
But at six am, so now we have given that executable permissions for less money.

33
00:03:02,550 --> 00:03:04,050
You can see there is less.

34
00:03:04,440 --> 00:03:11,240
Now I can execute this as it executable, this 10 percent executable.

35
00:03:12,270 --> 00:03:17,970
And remember, if there is CAPITALIS in the security, we cannot execute this file.

36
00:03:18,750 --> 00:03:26,970
We should make sure that we have given us sufficient permissions to run this machinery so we have the

37
00:03:26,970 --> 00:03:27,450
smallest.

38
00:03:27,450 --> 00:03:30,240
That means we can run this as the owner of that.

39
00:03:31,880 --> 00:03:39,710
Honor of that fight, which is so if any other user like Senecal, Nicoleta, has been using this binary,

40
00:03:39,710 --> 00:03:43,370
then they would run this temporary as a Nickey user.

41
00:03:45,320 --> 00:03:55,980
So if any binary has been set, you ready to go to one recruit user, then that binary will execute

42
00:03:56,060 --> 00:03:58,160
as a root user by any other user.

43
00:03:58,550 --> 00:04:02,720
So this leads to some privilege problems.

44
00:04:03,140 --> 00:04:04,790
So we'll discuss that later.

45
00:04:05,360 --> 00:04:14,620
Now, another bit I want to say, is this one a good tool for the group Brookpark that you set said

46
00:04:14,640 --> 00:04:23,180
Gruppioni, If I put that bet on, it means that this binary can be added to that as the permissions

47
00:04:23,540 --> 00:04:24,520
of that group.

48
00:04:25,190 --> 00:04:29,260
So somebody, Nikil, to Article three has been using this file.

49
00:04:29,570 --> 00:04:34,220
Then they execute this file as a group are part of this group.

50
00:04:34,910 --> 00:04:36,100
So let me show that to.

51
00:04:36,320 --> 00:04:38,180
So I will say that.

52
00:04:39,320 --> 00:04:44,570
Them, too, and I see her more, and this time, what do you want to lose?

53
00:04:44,580 --> 00:04:48,490
You want to depress us because we are setting the group right.

54
00:04:48,890 --> 00:04:50,150
And I want to say them to.

55
00:04:51,730 --> 00:04:59,250
Fisheries minister, now there is a captor's in the group, permission of the executive.

56
00:04:59,670 --> 00:05:08,030
Now, what I want to do is I want to set executable, so I want this see it more, Prosek's says the

57
00:05:08,040 --> 00:05:10,860
executive bit for our user group and others.

58
00:05:14,480 --> 00:05:19,020
Facilities minister, notorious figures for the group promotions.

59
00:05:19,100 --> 00:05:26,300
There is a split second, so if if any anonymous are there on this binary, then they will be running

60
00:05:26,300 --> 00:05:29,920
as the owner or member of this Nickey group.

61
00:05:31,900 --> 00:05:42,820
And there is one more call to keep it and to do this, we need to see its multiplicity and to pressure

62
00:05:42,970 --> 00:05:43,540
this mindset.

63
00:05:44,020 --> 00:05:46,910
So there you see this for every other user.

64
00:05:47,260 --> 00:05:50,980
It is the last bit has been said to be.

65
00:05:51,520 --> 00:06:01,180
So these exhibits are very advantageous and helpful when you are sharing a folder in the network of

66
00:06:01,180 --> 00:06:01,830
your computers.

67
00:06:02,050 --> 00:06:07,810
So if you are sharing a folder in a net profit sharing, then this should be on.

68
00:06:07,930 --> 00:06:09,160
It's like better.

69
00:06:09,370 --> 00:06:16,990
So what it does is it will prevent any other user to delete the contents of the folder except the owner

70
00:06:16,990 --> 00:06:17,800
and the user.

71
00:06:18,370 --> 00:06:20,370
So I have created this folder.

72
00:06:20,860 --> 00:06:30,760
And if I said just to keep it on and I a to do necrophile shading, then this prevents every other user

73
00:06:30,760 --> 00:06:32,230
except Ruth and me.

74
00:06:32,800 --> 00:06:37,570
I am the owner because and the root user only can do those contents.

75
00:06:37,570 --> 00:06:43,330
And therefore so every other user technical to temporarily give the user cannot delete the contents

76
00:06:43,330 --> 00:06:44,040
of the directory.

77
00:06:44,260 --> 00:06:51,580
So it is safe or secure way to host your directress in your network.

78
00:06:53,020 --> 00:07:02,230
So generally, you see this ticket in network publishers generally just don't on shifts because we don't

79
00:07:02,230 --> 00:07:03,430
have a large number of computers.

80
00:07:03,430 --> 00:07:03,660
Right.

81
00:07:04,210 --> 00:07:12,040
So I'm just saying that if you want to expose your territory to a more than 10 computers and you just

82
00:07:12,040 --> 00:07:14,470
put this together, we don't know.

83
00:07:15,490 --> 00:07:19,570
The interesting part is these security boundaries.

84
00:07:19,720 --> 00:07:22,540
So the binaries which had the.

85
00:07:24,310 --> 00:07:33,970
This is about security on our consulate windows, you can see escalating boundaries, so these penalties

86
00:07:33,970 --> 00:07:44,380
are very prone to prevent escalation because in sufficient or wrong method of setting, these are the

87
00:07:44,380 --> 00:07:46,880
programs can reach to prevent escalation.

88
00:07:47,050 --> 00:07:54,450
So one way to find these bits, I mean, these are, you know, to find slash from the router three,

89
00:07:54,490 --> 00:07:57,110
I want to find and I want to say.

90
00:07:57,970 --> 00:08:04,990
So I want to denote some binaries that have the permissions user, which is a cul de sac.

91
00:08:05,740 --> 00:08:10,950
So I want to find from the tree and with the permissions as user is equal to.

92
00:08:11,320 --> 00:08:18,010
So in our case, our user has been set and I want to say only type of the file.

93
00:08:18,040 --> 00:08:19,510
I don't want any directress.

94
00:08:19,960 --> 00:08:23,820
And what I want to do is I want to say a could download.

95
00:08:24,310 --> 00:08:30,400
So we have seen this redirection of of error to the owner.

96
00:08:31,510 --> 00:08:32,530
Now, if I hit enter.

97
00:08:34,890 --> 00:08:42,720
Now you can see, but let me stop this one, you can see there are a lot of mental order with this user

98
00:08:42,720 --> 00:08:45,030
bit on are binaries.

99
00:08:46,510 --> 00:08:50,130
And if you don't, you can also see how many kids.

100
00:08:50,980 --> 00:08:59,410
So these are binary, which has the sweet pizzica so that with this command you can find the sweet binaries

101
00:08:59,410 --> 00:09:04,350
and we can do some privileges, which you'll be seeing in the escalation section.

102
00:09:04,930 --> 00:09:07,990
So I think that's all you need to know about this special permissions.