Privilege Escalation - What to look for in enumeration?

Being fairly noob to hands-on pentesting / hacking I wanted to see if anyone had a good resource for what to look for from different areas of post exploit enumeration. Take LinEnum output for example, beyond kernel and release information of the operating system, what do you look for in different areas of the output? Areas like permission groups, cronjobs, binaries, etc..

Is it mostly experience from having that hands on experience or do you have resources you could share that goes over various areas in detail?

Comments

  • You might want to check this URL:

    https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/

    Experience also matters. A cronjob running, faulty SUID configuration, kernel information, misconfigured applications, are the basic ones which can give you some hints, and can easily give you privileged access to root.

    This is what I see usually, else any elf, py, scripts, binaries are also misconfigured, which can be used as well.

    pzylence
    Unavailable for now. OSCP time.

Sign In or Register to comment.