Privilege Escalation Via Cron

Exploiting Misconfigured Cron Permissions To Gain Root Access

Vickie Li
The Startup

--

Cron is a super useful job scheduler in Unix-based operating systems. It allows you to schedule jobs to run periodically.

Cron is usually used to automate system administration tasks. But for the individual user, you can use Cron to automate tasks like downloading emails, running malware scanners and checking websites for updates.

Today, let’s dive into how to use Cron and the security risks of a misconfigured Cron system.

How Does Cron Work?

The behavior of the Cron utility can be fully customized. You can configure the behavior of Cron by editing files called “crontabs”. Unix keeps different copies of crontabs for each user. You can edit your own user’s crontab by running:

crontab -e

You can also list the current cronjobs for your user by running:

crontab -l

There is also a system-wide crontab that administrators can use to configure system-wide jobs. In Linux systems, the location for the system-wide crontab is /etc/crontab. Cron will run as the root user when executing scripts and commands in this file.

Crontab syntax

--

--

No responses yet