GreySec Forums
Ideas for Privilege Escalation (Linux) - Printable Version

+- GreySec Forums ()
+-- Forum: Security and Exploitation (/forumdisplay.php?fid=7)
+--- Forum: General Hacking and Security (/forumdisplay.php?fid=8)
+--- Thread: Ideas for Privilege Escalation (Linux) (/showthread.php?tid=6720)



Ideas for Privilege Escalation (Linux) - Insider - 04-29-2020

Ideas for Privilege Escalation (Linux)

Been reading up on privilege escalation for Linux lately. Just sharing some interesting links and methods for this. I'll make a complete guide/thread once I've gotten the hang of it more.

- Local root exploitation

In other words, kernel exploits. See thread: https://greysec.net/showthread.php?tid=1355

- Exploiting SUID (Set User ID) files or exploiting cronjobs.
https://www.hackingarticles.in/linux-privilege-escalation-using-suid-binaries/
https://null-byte.wonderhowto.com/how-to/use-misconfigured-suid-bit-escalate-privileges-get-root-0173929/

https://www.hackingarticles.in/linux-privilege-escalation-by-exploiting-cron-jobs/
https://skyenet.tech/exploiting-cron-jobs/
https://www.armourinfosec.com/linux-privilege-escalation-by-exploiting-cronjobs/

- Using symbolic links to obtain root.
https://security.stackexchange.com/questions/112549/symbolic-links-path-and-privilege-escalation-vulnerability
https://www.hackingarticles.in/linux-privilege-escalation-using-path-variable/

- IFS exploitation.
http://www.dankalia.com/tutor/01005/0100501004.htm
https://github.com/frizb/Linux-Privilege-Escalation/blob/master/README.md
https://stackoverflow.com/questions/21068650/exploiting-suid-files-with-ld-preload-and-ifs


RE: Ideas for Privilege Escalation (Linux) - thunder011 - 04-29-2020

https://book.hacktricks.xyz/ is also good resource for privilege escalation techniques.


RE: Ideas for Privilege Escalation (Linux) - DeepLogic - 04-30-2020

https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/
Kinda dated, but still relevant post by the legendary g0tmi1k