Linux PrivEsc Checklist
Linux privilege escalation methodology
Linux Privilege EscalationTip: Click on any node to see related information!
Interactive Mind Map
graph TD
A[Initial Shell] --> B[sudo -l]
B --> C[SUID Binaries]
C --> D[Capabilities]
D --> E[Cron Jobs]
E --> F[Writable Scripts]
F --> G[Kernel Exploits]
G --> H[Passwords/Keys]
H --> I[NFS/Docker]
B -->|Found| J[GTFOBins]
C -->|Found| J
D -->|Found| J
Related Modules
Quick Reference
Enumeration
id; whoami; hostname # Basic user info uname -a # Kernel version info cat /etc/os-release # OS distribution info sudo -l # Check sudo privileges
SUID
find / -perm -4000 2>/dev/null # Find SUID binaries
Capabilities
getcap -r / 2>/dev/null # List file capabilities
Cron
cat /etc/crontab # View system cron jobs ls -la /etc/cron.* # List cron directories
Writable Files
find / -writable -type f 2>/dev/null # Find world-writable files
Tools
./linpeas.sh # Run LinPEAS enumeration script ./linux-exploit-suggester.sh # Check for kernel exploits