Linux Privilege Escalation
Privilege Escalation
Overview
Techniques to escalate privileges on Linux systems.
3
Exercises
4
Flashcards
1
Mind Maps
Cheatsheet
Enumeration
id; whoami; hostname # Basic user info uname -a # Kernel version info cat /etc/os-release # OS distribution info sudo -l # Check sudo privileges
SUID
find / -perm -4000 2>/dev/null # Find SUID binaries
Capabilities
getcap -r / 2>/dev/null # List file capabilities
Cron
cat /etc/crontab # View system cron jobs ls -la /etc/cron.* # List cron directories
Writable Files
find / -writable -type f 2>/dev/null # Find world-writable files
Tools
./linpeas.sh # Run LinPEAS enumeration script ./linux-exploit-suggester.sh # Check for kernel exploits
Command Examples
Common Pitfalls
- Not checking sudo -l
- Missing SUID binaries
Exam Survival Tips
- Always run linpeas
- Check GTFOBins