Linux Privilege Escalation Example
Privilege escalation is when someone exploits an error, design failure or application configuration, into an operating system or application. Privilege escalation is used to get administrative access into operating systems and applications by malicious users. Most systems have two types of user profiles: users which configure the system with administrator privilege and users which use the system without administrator privilege. Therefore, privilege escalation exploits are used by attackers to get superuser privileges into systems.
There are many web pages out there where we can find privilege escalation exploits which can be used to get into operating systems and applications. Most of them take advantage of bugs and vulnerabilities. One of them, which have many exploits and I like it, is the Exploits Database by Offensive Security where we can search exploits and shellcodes by CVE and platforms. In addition, we can even download the vulnerable application and information to learn how to get into the system.
I’ve uploaded to my YouTube channel a new video where we can watch how to get root access in a Linux machine with a local privilege escalation exploit, which I’ve downloaded from www.exploit-db.com. This exploit takes advantage of a vulnerability in Linux Kernel 2.6.39 < 3.2.2. On the other hand, we can also watch how to get remote root access abusing the weak service permission configuration on Linux. As we can watch, privilege escalation is got through bugs and vulnerabilities but also through misconfiguration.
Regards my friends. Keep studying. Keep testing!!