• Stars
    star
    521
  • Rank 84,952 (Top 2 %)
  • Language
  • Created over 4 years ago
  • Updated about 4 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Compilation of Resources for TCM's Linux Privilege Escalation course

Linux-Privilege-Escalation-Resources

Compilation of Resources for TCM's Linux Privilege Escalation course

General Links

TCM Website: https://www.thecybermentor.com/

TCM-Sec: https://tcm-sec.com/

Course:

Twitch: https://www.twitch.tv/thecybermentor

Twitter: https://twitter.com/thecybermentor

YouTube: https://www.youtube.com/c/thecybermentor

TryHackMe: https://tryhackme.com/

LinuxPrivEscArena: https://tryhackme.com/room/linuxprivescarena

Introduction

Basic Linux Priv Esc: https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/

Linux Priv Esc PayloadAllTheThings: https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Linux%20-%20Privilege%20Escalation.md

Linux Priv Esc Checklist: https://book.hacktricks.xyz/linux-unix/linux-privilege-escalation-checklist

Sushant 747's Guide: https://sushant747.gitbooks.io/total-oscp-guide/privilege_escalation_-_linux.html

Exploring Automated Tools

LinPEAS: https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/tree/master/linPEAS

LinEnum: https://github.com/rebootuser/LinEnum

Linux exploit suggester: https://github.com/mzet-/linux-exploit-suggester

LinuxPrivChecker: https://github.com/sleventyeleven/linuxprivchecker

Escalation Path: Kernel Exploits

Kernel Exploits: https://github.com/lucyoa/kernel-exploits

Escalation Path: Sudo

GTFOBins: https://gtfobins.github.io/

LinuxPrivEscPlayground: https://tryhackme.com/room/privescplayground

wget example: https://veteransec.com/2018/09/29/hack-the-box-sunday-walkthrough/

dirsearch: https://github.com/maurosoria/dirsearch

CMS Made Simple ExploitDB: https://www.exploit-db.com/exploits/46635

CVE-2019-14287 ExploitDB: https://www.exploit-db.com/exploits/46635

CVE-2019-18634 GitHub: https://github.com/saleemrashid/sudo-cve-2019-18634

Escalation Path: Other SUID Escalation

Nginx Exploit: http://legalhackers.com/advisories/Nginx-Exploit-Deb-Root-PrivEsc-CVE-2016-1247.html

Escalation Path: Capabilities

Priv Esc using Capabilities: https://www.hackingarticles.in/linux-privilege-escalation-using-capabilities/

SUID vs. Capabilities: https://mn3m.info/posts/suid-vs-capabilities/

Capabilites Priv Esc w/ OpennSLL and Selinux enabled and enforced: https://medium.com/@int0x33/day-44-linux-capabilities-privilege-escalation-via-openssl-with-selinux-enabled-and-enforced-74d2bec02099