Linux Privilage Escalation

Herramientas automatizadas para recolectar información

LinPEASS

PEASS-ng/linPEAS at master · peass-ng/PEASS-ngGitHub

LinuxExploitSuggester

GitHub - The-Z-Labs/linux-exploit-suggester: Linux privilege escalation auditing toolGitHub

Permisos de Sudo

sudo -l

Permisos de SUID

find / -perm -4000 2>/dev/null

Permisos de Capabilities

getcap -r 2>/dev/null

Vulnerabilidades comunes

Pkexec (SUID) --> PwnKit (CVE-2021.4034)

GitHub - ly4k/PwnKit: Self-contained exploit for CVE-2021-4034 - Pkexec Local Privilege EscalationGitHub