Privilege Escalation

From skiddie to root

Florian Charbonneau - @DrStache_ - HACK2G2

Whoami

Introduction

Lin.security

Practise your Linux privilege escalation foo

Any User

Weak Password

Hidden/Config File

Hash in /etc/passwd

 Hash in /etc/passwd

Hash in /etc/passwd

SUID

SUID

GTFOBins

Cron Job

Cron job

Bob User

Bob the sudoer

Sudo

Sudo

Sudo

Susan User

SU(ID)san

SUID

SUID

SUID

Peter User

Docker is not Peter

NFS

NFS

NFS

NFS

Sudo

Docker

Docker

Systemd

Systemd

Systemd

Others PrivEsc

Programs running

Kernel/Binary Exploit

Sudo Python

Sudo

Sudo Wildcard

Sudo Wildcard

Thanks!

Questions?

HACK2G2 | Privilege Escalation

By Florian Charbonneau

HACK2G2 | Privilege Escalation

Presentation 27/09/2018

  • 221
Loading comments...

More from Florian Charbonneau