Escalation of Privileges

bganeshmail

Oct 12, 2016, 3:17:45 AM
to null
All:

If we have penetrated into a Linux system, we now have normal user privileges, and we want to escalate the privileges to root:

1. If we do not find any vulnerabilities for the services currently running.
2. If the services listed under the NMAP listing do not have any security vulns.

How do we further extend to find other vulns that exist in the system, and is there any mechanism to do such findings (without using vulnerability scanners)?

Regards,
Ganesh B

Anant Shrivastava

Oct 12, 2016, 3:22:12 AM
to null-...@googlegroups.com
Start with https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/
There are some automated tools, aka scripts, created by folks, such as https://github.com/rebootuser/LinEnum, which can help you in pinpointing.

The keyword here is that you have normal privilege. There is a channel available; you need to look for elevation via internal systems. Kernel-level bugs would be the first preference. Root-owned processes and misconfiguration in files would be the second stop.

Hope this helps.

Anant Shrivastava 
Web : http://anantshri.info

--
______________________________________________________________________________
null - Spreading the right Information
null Mailing list charter: http://null.co.in/section/about/null_list_charter/
______________________________________________________________________________
se7enth edition of nullcon Goa (Mar 9-12, 2016)
http://nullcon.net

Amilcar de Leon

Oct 17, 2016, 9:11:32 AM
to null-...@googlegroups.com
--
Amilcar de León
[Yes, I am a criminal. My crime is that of curiosity. My crime is that of judging people by what they say and think, not what they look like. My crime is that of outsmarting you, something that you will never forgive me for]

bganeshmail .

Oct 19, 2016, 9:46:17 AM
to null-...@googlegroups.com
Excellent information. Thanks a lot, Anant and Leon.

Epayan

Oct 25, 2016, 5:19:39 PM
to null
Thanks @Anant Shrivastava, I'd like to add one more link to his post: the repository for the collection of Windows, Linux and MySQL privilege escalation scripts and exploits.

https://github.com/1N3/PrivEsc


Credits: 
CrowdShield for maintaining and sharing this.

The Insecurehermit

Oct 26, 2016, 6:13:12 AM
to null-...@googlegroups.com
Since we are talking about privilege escalation on Linux, this is a good read -
https://www.amazon.com/gp/product/B00PKTGLWM

--

bganeshmail .

Oct 26, 2016, 6:13:27 AM
to null-...@googlegroups.com
Excellent information. Thank you all.

I also got one more script from securitysift, but we need to do some tweaking in the sploit section in order to accommodate the latest exploit-db... I am not sure if there is any updated version of this script.


On Tue, Oct 25, 2016 at 10:35 PM, Epayan <nandhh...@gmail.com> wrote:
