From 25c432a109344f721153a690619693c6efad6a3f Mon Sep 17 00:00:00 2001
From: Victor Ramos Mello <772792+m0nad@users.noreply.github.com>
Date: Fri, 12 Mar 2021 23:39:52 +0100
Subject: [PATCH] Add TTY Input Pushback Privilege Escalation to Linux

---
 README.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/README.md b/README.md
index b145a22..24b0e48 100644
--- a/README.md
+++ b/README.md
@@ -51,6 +51,7 @@ A curated list of awesome privilege escalation
  - [Privilege escalation: Linux](https://vulp3cula.gitbook.io/hackers-grimoire/post-exploitation/privesc-linux)
  - [Privilege Escalation & Post-Exploitation](https://github.com/rmusser01/Infosec_Reference/blob/master/Draft/PrivescPostEx.md)
  - [Reach the root! How to gain privileges in Linux?](https://hackmag.com/security/reach-the-root/)
+ - [TTY Input Pushback Privilege Escalation](https://www.halfdog.net/Security/2012/TtyPushbackPrivilegeEscalation/): When user working as root switches to another user with su and happens to execute the pushback program as that user, the tty input data pushed back is executed in the shell and context of user root.
  - [Understanding Privilege Escalation](http://www.admin-magazine.com/Articles/Understanding-Privilege-Escalation): Some techniques malicious users employ to escalate their privileges on a Linux system.
 
 ### Escape restricted shells