LK-MODPROBE-PATHPrivilege Escalation

modprobe_path Overwrite

Overwrite /proc/sys/kernel/modprobe to point at attacker binary, then trigger a kernel call that auto-loads a missing module — runs attacker binary as root.

§ Where this technique fits

LK-MODPROBE-PATH is catalogued under the Privilege Escalation tactic of the offensive-security kill-chain. It appears in 1 approved dossier in the registry, typically at step 4 on average.

§ Dossiers chaining this technique

io_uring UAF → modprobe_path overwrite → root
Use an io_uring UAF to land arbitrary kernel write, repoint /proc/sys/kernel/modprobe to an attacker binary, then trigger a kernel auto-modprobe — runs the binary as root.
step 4 / 6

§ What commonly comes next

01
Command and Scripting Interpreter
T1059 · Execution
seen 1×

§ Where this technique fits

§ Dossiers chaining this technique

io_uring UAF → modprobe_path overwrite → root

§ What commonly comes next