Linux Privilage Escalation

• Enumerating Linux

• Exposed Confidential Information

• Insecure File Permissions

• Abusing System Linux components

As with many other attack techniques, escalating privileges requires us to collect knowledge about the target. This is accomplished by enumerating the operating system for any kind of misconfiguration or software vulnerability that can be leveraged for our purposes.

As documented within the MITRE ATT&CK Framework, privilege escalation is a tactic comprising different techniques that aim to leverage user permissions to access restricted resources.

Understanding Files and Users Privileges on Linux

One of the defining features of Linux and other UNIX derivatives is that most resources, including files, directories, devices, and even network communications are represented in the filesystem.823 Put colloquially, “everything is a file”

Every file (and by extension every element of a Linux system) abides by user and group permissions based on three primary properties: read (symbolized by r), write (symbolized by w),and execute (symbolized by x). Each file or directory has specific permissions for three categories of users: the owner, the owner group and others group.

Each permission (rwx) allows the designated collection of users to perform different actions depending on if the resource is a file or a directory

For Example

kali@kali:~$ ls -l /etc/shadow
-rw-r----- 1 root shadow 1751 May 2 09:31 /etc/shadow