π§ Linux Privilege Escalation for Pentesters
A practical Linux Privilege Escalation cheat sheet designed for penetration testers, OSCP aspirants, red teamers, and CTF players to understand how attackers escalate privileges on Linux systems after gaining initial access.
π΅ Telegram β Join Channel
β« Twitter/X β Follow Us
π£ Discord β Join Server
πΌ LinkedIn β Follow HackingArticles
π Join Our Cybersecurity Training Program
Hands-on training in Penetration Testing, Red Teaming, and Cybersecurity.
| # | Topic | Description | Article |
|---|---|---|---|
| 1 | π Abusing Sudo Rights | Escalate privileges by abusing misconfigured sudo permissions | Read Article |
| 2 | βοΈ SUID Binaries | Exploit SUID binaries to execute commands with elevated privileges | Read Article |
| 3 | 𧩠Linux Capabilities | Abuse Linux capabilities assigned to binaries for privilege escalation | Read Article |
| 4 | π¦ LXD Privilege Escalation | Escalate privileges using LXD container misconfiguration | Read Article |
| 5 | π³ Docker Privilege Escalation | Gain root access via Docker container misconfiguration | Read Article |
| 6 | β° Exploiting Cron Jobs | Abuse scheduled cron jobs to execute malicious commands | Read Article |
| 7 | π Writable /etc/passwd File | Escalate privileges by modifying the /etc/passwd file | Read Article |
| 8 | π Misconfigured NFS | Exploit NFS misconfigurations to gain root privileges | Read Article |
| 9 | π Exploiting Wildcard | Abuse wildcard expansion in scripts to escalate privileges | Read Article |
| 10 | π§ LD_PRELOAD | Inject malicious libraries via LD_PRELOAD to escalate privileges | Read Article |
| 11 | π οΈ PATH Variable Exploit | Exploit PATH variable misconfiguration to run malicious binaries | Read Article |
| 12 | π Python Library Hijacking | Hijack Python libraries used by privileged scripts | Read Article |
| 13 | π Polkit (CVE-2021-3560) | Exploit Polkit vulnerability to gain root privileges | Read Article |
| 14 | π£ PwnKit (CVE-2021-4034) | Exploit pkexec vulnerability to escalate privileges | Read Article |
| 15 | 𧨠DirtyPipe (CVE-2022-0847) | Exploit Linux kernel DirtyPipe vulnerability for privilege escalation | Read Article |