TamaGorengs Notes
  • πŸ‘¨β€πŸ’»Whoami
  • πŸ—ΊοΈActive Directory
    • Active Directory Enumeration
    • AD Reconnaissance
      • LDAP
    • Movement
      • Kerberos
        • ASREProast
        • Pass The Hash
        • Pass The Ticket
        • Overpass The Hash
      • Credential
        • Dumping
          • DCSync
      • WMI and WinRM
    • Active Directory Certificate Services (ADCS)
  • πŸͺŸWindows
    • Windows Privilege Escalation
      • WinPrivEsc Enumeration
      • Leveraging Windows Services
      • Abusing Other Windows Components
    • RDP
  • 🐧Linux
    • Linux Privilege Escalation
      • LinuxPrivEsc Enumeration
      • Exposed Confidential Information
      • Insecure File Permissions
      • Insecure System Components
  • πŸ•ΈοΈWeb Application
    • SQL Injection
    • Cross-Site Scripting (XSS)
  • Group 1
    • Client-Side Attacks
      • Windows Library Files
      • Exploiting Microsoft Office
  • Thick Client
    • Thick Client Pentest
    • Thick Client Pentest Methodology
Powered by GitBook
On this page
  • Abusing Setuid Binaries and Capabilities
  • Abusing Sudo
  • Abusing Kernel

Was this helpful?

  1. Linux
  2. Linux Privilege Escalation

Insecure System Components

Abusing Setuid Binaries and Capabilities

Check for SUID

find / -perm -u=s -type f 2>/dev/null

Check capabilities

/usr/sbin/getcap -r / 2>/dev/null

Abusing Sudo

sudo -l

Abusing Kernel

cat /etc/issue
uname -r
arch
PreviousInsecure File PermissionsNextSQL Injection

Last updated 4 months ago

Was this helpful?

🐧