Basic Linux Privilege Escalation - g0tmi1k RSS BlogArchives

Before starting, I want to emphasize that - I'm not an expert. To the best of my knowledge, there isn't a 'magic' answer in this vast field.

This document presents my findings, typed up for sharing as my initial starting point. Below, you will find a collection of commands that achieve the same outcome, allowing us to examine things from different perspectives or in a new light. I am aware that there are more 'things' to explore.

Not every command will work on every system since Linux can vary significantly. The solution won't simply appear on the screen; you need to search for that 'little thing' because 'the devil is in the details.' Enumeration is crucial. Linux privilege escalation revolves around: Collect - Enumeration, extensive enumeration, and more enumeration. Process - Sort through the data, analyze it, and prioritize your findings. Search - Understand what to look for and where to find the exploit code. Adapt - Tailor the exploit to fit your needs. Not every exploit works on every system 'out of the box.' Try - Prepare for a lot of trial and error. Operating System: What is the distribution type? What version is it? 1 2 3 4 cat /etc/issue cat /etc/*-release cat /etc/lsb-release # Debian based cat /etc/redhat-release # Redhat based What is the kernel version? Is it 64-bit? 1 2 3 4 5 6 cat /proc/version uname -a uname -mrs rpm -q kernel dmesg | grep Linux ls /boot | grep vmlinuz- What can be learned from the environmental variables? 1 2 3 4 5 6 7 cat /etc/profile cat /etc/bashrc cat ~/.bash_profile