Linux Sudo Privilege Escalation Techniques Lin Security VM

Hellow, today i gonna show you guys some basics sudo privilege escalation techniques i gonna use the lin security VM for it you can download the box from here : https://www.vulnhub.com/entry/linsecurity-1,244/

To login in we’re gonna use this credentials : bob/secret

Perfect, let’s check what can the current user perform anything as root! :D

We can check that with “sudo -l” command :

Some of them are really easy like /bin/ash, /bin/bash, /bin/sh, /bin/csh, /bin/dash and some more. Let’s check them out :D

/bin/ash :

/bin/bash :

With the same way we can exploit and the other ones, let’s check some more “advance” :D

/usr/bin/awk :

Because the currently shell im have some problems :

Replace the “ with @ i can’t show this example but with this command you will be able to take a root shell : sudo awk ‘BEGIN {system(“/bin/sh”)}’

/usr/bin/expect :

/usr/bin/ftp :

/usr/bin/less :

We can use the same way with the man,more commands.

/usr/bin/vi :

  1. Step

2. Step

3. Step

/usr/bin/pico :

  1. Step

2. Step

Then press CTRL + T :

/usr/bin/perl :

after exec ‘/bin/sh’; press CTRL + D

/usr/bin/git :

1.Step

2. Step

Then we have a root shell :

I made this to be like a cheat sheet for the new members on this field sudo -l have more things like curl, socat etc i’ll make a special post for them. :)

Bye ! :D