/Linux-Privilege-Escalation-Resources

Compilation of Resources for TCM's Linux Privilege Escalation course

Linux-Privilege-Escalation-Resources

Compilation of Resources for TCM's Linux Privilege Escalation course

General Links

TCM Website: https://www.thecybermentor.com/

TCM-Sec: https://tcm-sec.com/

Course:

Twitch: https://www.twitch.tv/thecybermentor

Twitter: https://twitter.com/thecybermentor

YouTube: https://www.youtube.com/c/thecybermentor

TryHackMe: https://tryhackme.com/

LinuxPrivEscArena: https://tryhackme.com/room/linuxprivescarena

Introduction

Basic Linux Priv Esc: https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/

Linux Priv Esc PayloadAllTheThings: https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Linux%20-%20Privilege%20Escalation.md

Linux Priv Esc Checklist: https://book.hacktricks.xyz/linux-unix/linux-privilege-escalation-checklist

Sushant 747's Guide: https://sushant747.gitbooks.io/total-oscp-guide/privilege_escalation_-_linux.html

Exploring Automated Tools

LinPEAS: https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/tree/master/linPEAS

LinEnum: https://github.com/rebootuser/LinEnum

Linux exploit suggester: https://github.com/mzet-/linux-exploit-suggester

LinuxPrivChecker: https://github.com/sleventyeleven/linuxprivchecker

Escalation Path: Kernel Exploits

Kernel Exploits: https://github.com/lucyoa/kernel-exploits

Escalation Path: Sudo

GTFOBins: https://gtfobins.github.io/

LinuxPrivEscPlayground: https://tryhackme.com/room/privescplayground

wget example: https://veteransec.com/2018/09/29/hack-the-box-sunday-walkthrough/

dirsearch: https://github.com/maurosoria/dirsearch

CMS Made Simple ExploitDB: https://www.exploit-db.com/exploits/46635

CVE-2019-14287 ExploitDB: https://www.exploit-db.com/exploits/46635

CVE-2019-18634 GitHub: https://github.com/saleemrashid/sudo-cve-2019-18634

Escalation Path: Other SUID Escalation

Nginx Exploit: http://legalhackers.com/advisories/Nginx-Exploit-Deb-Root-PrivEsc-CVE-2016-1247.html

Escalation Path: Capabilities

Priv Esc using Capabilities: https://www.hackingarticles.in/linux-privilege-escalation-using-capabilities/

SUID vs. Capabilities: https://mn3m.info/posts/suid-vs-capabilities/

Capabilites Priv Esc w/ OpennSLL and Selinux enabled and enforced: https://medium.com/@int0x33/day-44-linux-capabilities-privilege-escalation-via-openssl-with-selinux-enabled-and-enforced-74d2bec02099