linux privesc privilege escalation sudo su admin priv esc
Links
https://gtfobins.github.io/ https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/
Enumeration
Search for sudo configuration issues
# Check who has sudo permissions
sudo -l
cat /etc/sudoers
# Find SUID / GUID bits
find / -perm -u=s -type f 2>/dev/null
find / -perm -g=s -type f 2>/dev/null
# Find world writable files & directories
find / -writable -type d 2>/dev/null
find / -perm -222 -type d 2>/dev/null
find / -perm -o w -type d 2>/dev/null
# Find world executable folder
find / -perm -o x -type d 2>/dev/null
# Find world writable and executable folders
find / \( -perm -o w -perm -o x \) -type d 2>/dev/null
# Run as superuser
su -u user [command]
sudo [command] [path]
Check Processes
ps aux | grep root
# Process spy (PSPY) captures root processes running without needing privs
./pspy