Skip to content

Latest commit

 

History

History
147 lines (120 loc) · 8.82 KB

Linux_Privilege_Escalation_1.md

File metadata and controls

147 lines (120 loc) · 8.82 KB

REFERENCES:
https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/
https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Windows%20-%20Privilege%20Escalation.md#eop---incorrect-permissions-in-services
https://0xrick.github.io/hack-the-box/conceal/
https://github.com/rhodejo/OSCP-Prep/blob/master/Priv-Esc.md
https://www.hackingarticles.in/linux-privilege-escalation-using-path-variable/
https://www.hackingarticles.in/category/privilege-escalation/

Linux Privilege escalation Boxes
https://www.hackingarticles.in/privilege-escalation-cheatsheet-vulnhub/

1.Abusing Sudo Rights
2.SUID Bit
3.Kernel Exploit
4.Path Variable
5.Enumeration
6.MySQL
7.Crontab
8.Wildcard Injection
9.Capabilities
10.Writable etc/passwd file
11.Writable files or script as root
12.Buffer Overflow
13.Docker

1.Abusing Sudo Rights
1. Ted:1 :https://www.hackingarticles.in/ted1-vulnhub-walkthrough/
2. KFIOFan: 1 :https://www.hackingarticles.in/kfiofan1-vulnhub-walkthrough/
3. 21 LTR: Scene1: https://www.hackingarticles.in/hack-the-21ltr-scene-1-vm-boot-to-root/
4. Skytower: https://www.hackingarticles.in/hack-the-skytower-ctf-chAllenge/
5. Matrix: 1 https://www.hackingarticles.in/matrix-1-vulnhub-walkthrough/
6. Sputnik 1 https://www.hackingarticles.in/sputnik-1-vulnhub-walkthrough/
7. Sunset https://www.hackingarticles.in/sunset-vulnhub-walkthrough/
8. DC-2 https://www.hackingarticles.in/dc-2-walkthrough/
9. Kioptrix: Level 1.2 https://www.hackingarticles.in/hack-the-kioptrix-level-1-2-boot2root-chAllenge/
10. Matrix-3 https://www.hackingarticles.in/matrix-3-vulnhub-walkthrough/

2.SUID Bit
1. Kevgir https://www.hackingarticles.in/hack-kevgir-vm-ctf-challenge/
2. digitalworld.local – BRAVERY https://www.hackingarticles.in/digitalworld-local-bravery-vulnhub-walkthrough/
3. Happycorp: 1 https://www.hackingarticles.in/happycorp1-vulnhub-walkthrough/
4. FourAndSix: 2 https://www.hackingarticles.in/fourandsix-2-vulnhub-walkthrough/
5. DC-1 https://www.hackingarticles.in/dc-1-vulnhub-walkthrough/https://www.hackingarticles.in/dc-1-vulnhub-walkthrough/
6. dpwwn:2 https://www.hackingarticles.in/dpwwn2-vulnhub-walkthrough/
7. MinU: v2 https://www.hackingarticles.in/minu-v2-vulnhub-walkthrough/
8. Toppo:1 https://www.hackingarticles.in/hack-the-toppo1-vm-ctf-challenges/
9. Mr. Robot https://www.hackingarticles.in/hack-mr-robot-vm-ctf-challenge/
10. Covfefe https://www.hackingarticles.in/hack-covfefe-vm-ctf-challenge/

3.Kernel Exploit
1. pWnOS -1.0 https://www.hackingarticles.in/hack-the-pwnos-1-0-boot-to-root/
2. LAMPSecurity: CTF 5 https://www.hackingarticles.in/hack-the-lampsecurity-ctf-5-ctf-challenge
3. Kioptrix : Level 1.1 https://www.hackingarticles.in/hack-the-kioptrix-level-2-boot2root-challenge/
4. Hackademic-RTB1 https://www.hackingarticles.in/hack-the-hackademic-rtb1-vm-boot-to-root/
5. Hackademic-RTB2 https://www.hackingarticles.in/hack-the-hackademic-rtb2-boot2root/
6. ch4inrulz : 1.0.1 https://www.hackingarticles.in/hack-the-ch4inrulz-1-0-1-ctf-challenge/
7. Kioprtix: 5 https://www.hackingarticles.in/hack-the-kioptrix-5-ctf-challenge/
8. Simple https://www.hackingarticles.in/hack-simple-vm-ctf-challenge/
9. SecOS: 1 https://www.hackingarticles.in/hack-the-secos1-ctf-challenge/
10. Droopy https://www.hackingarticles.in/hack-droopy-vm-ctf-challenge/

4.Path Variable
1. PwnLab https://www.hackingarticles.in/penetration-testing-pwnlab-ctf-challenge/
2. USV https://www.hackingarticles.in/hack-usv-vm-ctf-challenge/
3. Zeus:1 https://www.hackingarticles.in/zeus1-vulnhub-walkthrough/
4. The Gemini inc https://www.hackingarticles.in/hack-the-gemini-inc-ctf-challenge/
5. EW-Skuzzy https://www.hackingarticles.in/hack-ew-skuzzy-vm-ctf-challenge
6. Nullbyte https://www.hackingarticles.in/hack-nullbyte-vm-ctf-challenge/
7. symfonos : 1 https://www.hackingarticles.in/symfonos1-vulnhub-walkthrough/
8. Silky-CTF: 0x01 https://www.hackingarticles.in/silky-ctf-0x01-vulnhub-walkthrough/
9. Beast 2 https://www.hackingarticles.in/beast-2-vulnhub-walkthrough/

5.Enumeration
1. The Library:1 https://hackingarticles.in/the-library1-vulnhub-walkthrough/
2. The Library:2 https://www.hackingarticles.in/the-library2-vulnhub-walkthrough/
3. LAMPSecurity: CTF 4 https://www.hackingarticles.in/hack-the-lampsecurity-ctf4-ctf-challenge/
4. LAMPSecurity: CTF 7 https://www.hackingarticles.in/hack-the-lampsecurity-ctf-7-ctf-challenge/
5. Xerxes: 1 https://www.hackingarticles.in/xerxes-1-vulnhub-walkthrough
6. pWnOS -2.0 https://www.hackingarticles.in/hack-the-pwnos-2-0-boot-2-root-challenge
7. DE-ICE:S1.130 https://www.hackingarticles.in/hack-the-de-ice-s1-130-boot2root-challenge/
8. SickOS 1.1 https://www.hackingarticles.in/hack-sickos-1-1-vm-ctf-challenge
9. Tommyboy https://www.hackingarticles.in/hack-tommyboy-vm-ctf-challenge
10. VulnOS: 1 https://www.hackingarticles.in/hack-the-vulnos-1-ctf-challenge
6.MySQL

Kioptrix : Level 1.3 https://www.hackingarticles.in/hack-the-kioptrix-level-1-3-boot2root-challenge/
Raven https://www.hackingarticles.in/hack-the-raven-walkthrough-ctf-challenge/
Raven : 2 https://www.hackingarticles.in/raven-2-vulnhub-walkthrough/
7.Crontab

Billy Madison https://www.hackingarticles.in/hack-billy-madison-vm-ctf-challenge/
dpwwn: 1 https://www.hackingarticles.in/dpwwn-1-vulnhub-walkthrough/
BSides Vancuver: 2018 https://www.hackingarticles.in/hack-the-bsides-vancouver2018-vm-boot2root-challenge/
Jarbas : 1 https://www.hackingarticles.in/hack-the-jarbas-1-ctf-challenge/
SP:Jerome https://www.hackingarticles.in/spjerome-vulnhub-walkthrough/

8.Wildcard Injection

Milnet https://www.hackingarticles.in/hack-milnet-vm-ctf-challenge/
Pipe https://www.hackingarticles.in/hack-pipe-vm-ctf-challenge/

9.Capabilities

Kuya : 1 https://www.hackingarticles.in/vulnhub-kuya-1-walkthrough/
DomDom: 1 https://www.hackingarticles.in/domdom-1-vulnhub-walkthrough/
10.Writable /etc/passwd file

Hackday Albania https://www.hackingarticles.in/hack-hackday-albania-vm-ctf-challenge/
Billu Box 2 https://www.hackingarticles.in/hack-billu-b0x-vm-boot2root-challenge/
Bulldog 2 https://www.hackingarticles.in/hack-the-bulldog2-ctf-challenge/

11.Writable files or script as root

Skydog https://www.hackingarticles.in/hack-skydog-vm-ctf-challenge/
Breach 1.0 https://www.hackingarticles.in/hack-breach-1-0-vm-ctf-challenges/
Bot Challenge: Dexter https://www.hackingarticles.in/hack-bot-challenge-dexter-boot2root-challenge/
Fowsniff : 1 https://www.hackingarticles.in/fowsniff-1-vulnhub-walkthrough/
Mercy https://www.hackingarticles.in/mercy-vulnhub-walkthrough/
Casino Royale https://www.hackingarticles.in/casino-royale-1-vulnhub-walkthrough/
SP eric https://www.hackingarticles.in/sp-eric-vulnhub-lab-walkthrough/
PumpkinGarden https://www.hackingarticles.in/pumpkingarden-vulnhub-walkthrough/
dpwwn: 1 https://www.hackingarticles.in/dpwwn-1-vulnhub-walkthrough/
Tr0ll: 3 https://www.hackingarticles.in/tr0ll-3-vulnhub-walkthrough/

12.Buffer Overflow
1. Tr0ll 2 https://www.hackingarticles.in/hack-the-tr0ll-2-boot2root-challenge/
2. IMF https://www.hackingarticles.in/hack-imf-vm-ctf-challenge/
3. BSides London 2017 https://www.hackingarticles.in/hack-the-bsides-london-vm-2017boot2root/
4. PinkyPalace https://www.hackingarticles.in/hack-the-pinkypalace-vm-ctf-challenge/
5. ROP Primer https://www.hackingarticles.in/hack-the-rop-primer-1-0-1-ctf-challenge/
6. CTF KFIOFAN:2 https://www.hackingarticles.in/ctf-kfiofan-2-vulnhub-walkthorugh/
7. Kioptrix : Level 1 https://www.hackingarticles.in/hack-the-kioptrix-level-1/
8. Silky-CTF: 0x02 https://www.hackingarticles.in/silky-ctf-0x02-vulhub-walkthrough/

13.Docker

Donkey Docker https://www.hackingarticles.in/hack-donkeydocker-ctf-challenge/
Game of Thrones https://www.hackingarticles.in/hack-game-thrones-vm-ctf-challenge/
HackinOS : 1 https://www.hackingarticles.in/hackinos1-vulnhub-lab-walkthrough/