Course Overview
This course is designed to provide a comprehensive understanding of privilege escalation techniques in Linux environments. You’ll explore various privilege escalation methods and gain hands-on experience with essential tools. By the end of this course, you’ll have the skills to identify and exploit common privilege escalation vulnerabilities in Linux systems.
Course Outline
Introduction to Privilege Escalation
Understanding UID/GID concepts
Root shells and reverse shells
Overview of privilege escalation importance in cybersecurity
Linux Fundamentals for Privilege Escalation
Basic Linux commands and shell usage
Linux permission model
Privilege Escalation Tools
Introduction to Linux Smart Enumeration (LSE)
Using LinEnum for system enumeration
Other popular enumeration and privilege escalation tools
Kernel Exploits
Understanding kernel vulnerabilities
Case study: DirtyCow exploit
Service Exploits
Identifying vulnerable services
Example: Exploiting CVE-2016-1531
File Permission Based Attacks
Weak file permissions
Exploiting misconfigured backup files
Using Google dorks for information gathering
Sudo Misconfigurations
Understanding sudo and its security implications
Exploiting sudo rights
Cron Job Exploitation
Introduction to cron jobs
Identifying and exploiting vulnerable cron jobs
SUID/SGID Binary Exploitation
Understanding SUID and SGID permissions
Identifying and exploiting SUID/SGID binaries
And More!
By the end of this course, you will be able to:
Understand the fundamental concepts of Linux permissions and privilege escalation
Use various tools to enumerate Linux systems for vulnerabilities
Identify and exploit kernel and service vulnerabilities
Leverage misconfigurations in file permissions, sudo, cron jobs, and SUID/SGID binaries
Prerequisites:
Basic understanding of Linux
Familiarity with Linux permissions
Ability to use a Linux shell
