Linux Privilege Escalation for Beginners
Linux Privilege Escalation for Beginners

2020 launch! Learn how to escalate privileges on Linux machines with absolutely no filler.

Created by Heath Adams, TCM Security Inc.
Language English

Linux Privilege Escalation for Beginners

Linux Privilege Escalation for Beginners
Linux Privilege Escalation for Beginners

2020 launch! Learn how to escalate privileges on Linux machines with absolutely no filler.

Created by Heath Adams, TCM Security Inc.
Language English
1. Introduction
  • 1. Introduction 00:07:59
  • 1.1 The Cyber Mentor Website .html
  • 1.2 TCM Security .html
  • 2. Course Tips & Resources 00:05:48
  • 2.1 Linux - Privilege Escalation .html
  • 2.2 Basic Linux Privilege Escalation .html
  • 2.3 Checklist - Linux Privilege Escalation .html
  • 2.4 Sushant 747s Guide .html
  • 3. Course Repo .html
2. Lab Overview & Initial Access
  • 1. Lab Overview & Initial Access 00:07:17
  • 1.1 Linux PrivEsc Lab .html
  • 1.2 TryHackMe .html
3. Initial Enumeration
  • 1. System Enumeration 00:06:08
  • 2. User Enumeration 00:04:52
  • 3. Network Enumeration 00:04:09
  • 4. Password Hunting 00:05:51
4. Exploring Automated Tools
  • 1. Introduction 00:04:41
  • 1.1 Linux Exploit Suggester .html
  • 1.2 LinEnum .html
  • 1.3 Linux Priv Checker .html
  • 1.4 LinPEAS .html
  • 2. Exploring Automated Tools 00:11:40
5. Escalation Path Kernel Exploits
  • 1. Kernel Exploits Overview 00:03:17
  • 1.1 Kernel Exploits .html
  • 2. Escalation via Kernel Exploit 00:06:06
6. Escalation Path Passwords & File Permissions
  • 1. Overview 00:00:34
  • 2. Escalation via Stored Passwords 00:08:31
  • 3. Escalation via Weak File Permissions 00:10:36
  • 4. Escalation via SSH Keys 00:05:39
7. Escalation Path Sudo
  • 1. Sudo Overview 00:01:15
  • 2. 002 - Escalation via Sudo Shell Escaping 00:06:39
  • 2.1 Linux PrivEsc Playground .html
  • 2.2 GTFOBins .html
  • 3. Escalation via Intended Functionality 00:04:41
  • 3.1 wget Example .html
  • 4. Escalation via LD PRELOAD 00:07:01
  • 5. Challenge Overview 00:01:18
  • 6. Challenge Walkthrough 00:12:45
  • 6.1 dirsearch GitHub .html
  • 6.2 Exploit-DB for Simple CMS .html
  • 7. CVE-2019-14287 Overview 00:03:14
  • 7.1 Exploit-DB for CVE-2019-14287 .html
  • 8. Escalation via CVE-2019-14287 00:02:35
  • 8.1 Exploit-DB for CVE-2019-14287 .html
  • 9. Overview & Escalation via CVE-2019-18634 00:06:42
  • 9.1 CVE-2019-18634 GitHub .html
8. Escalation Path SUID
  • 1. SUID Overview 00:08:21
  • 2. Gaining a Foothold 00:13:04
  • 3. Escalation via SUID 00:06:34
9. Escalation Path Other SUID Escalation
  • 1. Escalation via Shared Object Injection 00:11:28
  • 2. Escalation via Binary Symlinks 00:09:29
  • 2.1 Nginx Exploit .html
  • 3. Escalation via Environment Variables 00:11:13
10. Escalation Path Capabilities
  • 1. Capabilities Overview 00:03:36
  • 1.1 Linux Privilege Escalation Using Capabilities .html
  • 1.2 SUID vs Capabilities .html
  • 1.3 Linux Capabilities Privilege Escalation via OpenSSL with SELinux Enabled and Enforced .html
  • 2. Escalation via Capabilities 00:02:43
11. Escalation Path Scheduled Tasks
  • 1. Cron Jobs & Systemd Timers Overview 00:04:59
  • 2. Escalation via Cron Paths 00:02:53
  • 3. Escalation via Cron Wildcards 00:05:24
  • 4. Escalation via Cron File Overwrites 00:03:48
  • 5. Challenge Overview 00:00:49
  • 6. Challenge Walkthrough 00:19:09
12. Escalation Path NFS Root Squashing
  • 1. Overview & Escalation via NFS Root Squashing 00:06:00
13. Escalation Path Docker
  • 1. Overview 00:01:26
  • 2. Gaining a Foothold 00:09:59
  • 3. Escalation via Docker 00:05:04
14. Capstone Challenge
  • 1. Capstone Overview 00:01:53
  • 2. Capstone Walkthrough 1 00:15:49
  • 3. Capstone Walkthrough 2 00:11:25
  • 4. Capstone Walkthrough 3 00:18:21
  • 5. Capstone Walkthrough 4 00:21:36
  • 6. Capstone Walkthrough 5 00:40:48
15. Wrapping Up
  • 1. Conclusion 00:01:57
16. BONUS Section
  • 1. Bonus Video 00:03:27
  • 1.1 TCM Security .html
  • 1.2 The Cyber Mentor Website .html
  • 1.3 The Cyber Mentor YouTube .html
  • 1.4 The Cyber Mentor Twitter .html
  • 1.5 The Cyber Mentor Twitch .html