☑️Final Assessment

I found the final assessment on this a bit more complicated than I expected. I had to look for walkthroughs and this one helped me a lot. Things that I learned from this assessment:

If we can run sudo -l and find a binary we can run as sudo, we should search about it in GTFObins to see if and how we can use it to escalate privileges.

Always start by looking at history files, hidden files.

find / -type f -name *_history -exec ls -l {} \; 2>/dev/null
find / -type f -name ".*" -exec ls -l {} \; 2>/dev/null | grep username

And of course, check the users group with id as early as possible.

https://medium.com/@linas.radavicius/linux-local-privilege-escalation-skills-assessment-walkthrough-ad372836c44fmedium.com

PreviousHardening Linux NextIntroduction

Last updated 11 months ago