Linux Privilege Escalation Techniques
Training Overview
The "Linux Privilege Escalation Techniques" training focuses on methods and strategies for privilege escalation in Linux operating systems. This training is designed for participants who seek to gain higher-level access rights on a system. The training begins with the information gathering phase, which is critical for understanding the target system's configuration, installed applications, and potential vulnerabilities. Participants will learn various privilege escalation techniques they can use when they have limited access to a system.
The training covers topics such as sudo configurations, exploitation of the Suid bit, manipulation of cron jobs, attacks on shared libraries, and exploitation of system capabilities. Current vulnerabilities like Dirty Pipe and methods for privilege escalation via vulnerable services are also discussed, keeping participants informed about the latest security issues. Additionally, tools and resources that can be used during the privilege escalation process are provided.
What You Will Learn
- How to find and exploit misconfigured Sudo rules.
- How to abuse SUID/SGID binaries to gain higher privileges.
- How to hijack Cron jobs and exploit writable shared libraries.
- How to identify and exploit kernel vulnerabilities like Dirty Pipe.
Who is this for?
- Penetration Testers and Ethical Hackers.
- Red Team operators.
- System administrators wanting to understand attack vectors.
Prerequisites
- Strong proficiency in the Linux command line.
- A good understanding of Linux permissions and processes.
Tools You Will Use
- LinPEAS
- LinEnum
- GTFOBins
- pspy
Training Sections
- Introduction
- Sudo
- SUID
- Cron Jobs
- Capabilities
- Shared Libraries
- Dirty Pipe
- Vulnerable Services
- Tools and Resources
- Exam