OpenCourser brand icon
Sign in
We may earn an affiliate commission when you visit our partners.

Linux Privilege Escalation Examples From Zero to Hero - OSCP

Security Gurus

In this course, I will teach how to do Privilege Escalate from a Linux OS. We will go over around 30 privilege escalation we can perform from a Linux OS. This training will help you achieve your OSCP, how to prevent Privilege Escalation, and how to perform them, too. Privilege escalation happens when a malicious user exploits a bug, design flaw, or configuration error in an application or operating system to gain elevated access to resources that should normally be unavailable to that user. The attacker can then use the newly gained privileges to steal confidential data, run administrative commands or deploy malware.

Enroll now

What's inside

Learning objectives

  • How to do privilage escalation in linux
  • How to use the cli
  • How to prevent privilege escalation in linux
  • How to setup linux server in virtual box
  • How to create users
  • How to linux works

Syllabus

Setting Up Virtual Machine
What do you need?
Setting Up Ubuntu Server

install network tools:

sudo apt install net-tools

Read more
exploiting bad permissions
Setting Up Bad Permissions passwd
Exploiting Bad Permission passwd
Another Way to Exploit passwd

Also, you want to delete all the encrypted passwords in / etc / passwd and the users created with root access

Challenge
Group File Intro
Exploiting Bad Permission 777 group

find / -type f -perm 0777 2>/tmp/null


In cryptography, a salt is random data that is used as an additional input to a one-way function that hashes data, a password or passphrase. Salts are used to safeguard passwords in storage

sudo apt-get install -y hashcat

curl https://samsclass.info/123/proj10/500_passwords.txt > 500_passwords.txt

exploiting SUID
SUID
SUID Example
SUID nano and Vim
How To Find SUID
SUID cp command
SUDO
SUDO Intro

more command is used to view the text files in the command prompt, displaying one screen at a time in case the file is large (For example log files).

Vim

On Linux systems, less is a command that displays file contents or command output one page at a time in your terminal. less is most useful for viewing the content of large files or the results of commands that produce many lines of output.

Find

Awk is a scripting language used for manipulating data and generating reports.The awk command programming language requires no compiling, and allows the user to use variables, numeric functions, string functions, and logical operators.

bin/bash
Python and Perl
bin/bash with File - echo

Stream EDitor (Sed), one of the most prominent text-processing utilities on GNU/Linux. Similar to many other GNU/Linux utilities, it is stream-oriented and uses simple programming language. It is capable of solving complex text processing tasks with few lines of code. This easy, yet powerful utility makes GNU/Linux more interesting.

sudo sed -i 's/root:x:/root:$1$l2MrJFqr$8sMN9lsMvK6Vqt9qsDQoV1:/g' /etc/passwd

Crontab Privilege Escalation 1
Crontab Privilege Escalation 2
Privilege Escalation Tools
Linpeas
Cracked Password With Hashcat
Lin.Security

Download Lin Security Here:

https://in.security/lin-security-practise-your-linux-privilege-escalation-foo/

Lin Security - Sudo - l
Lin Security - Hash in etc passwd
Lin Security - SUID and Home
Lin.security Root Squashing
Docker Priv Escalation
We will be using VMs downloaded from the Internet and try to exploit with what we have learned

Download Machine here:

https://in.security/lin-security-practise-your-linux-privilege-escalation-foo/

https://www.sans.org/reading-room/whitepapers/linux/attack-defend-linux-privilege-escalation-techniques-2016-37562

Good to know

Know what's good
, what to watch for
, and possible dealbreakers
Covers privilege escalation techniques, which are essential for penetration testing and vulnerability assessment
Aims to help learners achieve their OSCP certification, which validates skills in penetration testing
Teaches how to prevent privilege escalation, which is crucial for securing Linux systems against attacks
Requires learners to set up a Linux server in VirtualBox, implying a need for familiarity with virtualization
Explores exploiting bad permissions, SUID, SUDO, and Crontab, which are common privilege escalation vectors
Employs tools like Linpeas and Lin.Security, which are widely used for privilege escalation enumeration and exploitation

Save this course

Save Linux Privilege Escalation Examples From Zero to Hero - OSCP to your list so you can find it easily later:
Save

Activities

Be better prepared before your course. Deepen your understanding during and after it. Supplement your coursework and achieve mastery of the topics covered in Linux Privilege Escalation Examples From Zero to Hero - OSCP with these activities:
Review Linux Fundamentals
Solidify your understanding of basic Linux commands and concepts before diving into privilege escalation. This will make it easier to understand the vulnerabilities being exploited.
Browse courses on Linux Fundamentals
Show steps
  • Review basic Linux commands like ls, cd, mkdir, rm, and chmod.
  • Practice navigating the file system using the command line.
  • Familiarize yourself with user permissions and file ownership.
Read 'Linux Basics for Hackers'
Gain a stronger foundation in Linux fundamentals with a book geared towards hackers. This will provide a more practical understanding of the system.
View Linux Basics for Hackers, 2nd Edition on Amazon
Show steps
  • Obtain a copy of 'Linux Basics for Hackers'.
  • Read the chapters covering file system navigation, user management, and permissions.
  • Experiment with the commands and techniques described in the book on a virtual machine.
Practice File Permission Exploitation
Reinforce your understanding of file permission vulnerabilities by creating and exploiting them in a controlled environment. This will help you recognize and exploit similar vulnerabilities in real-world scenarios.
Show steps
  • Set up a virtual machine with a vulnerable Linux configuration.
  • Create files and directories with incorrect permissions (e.g., 777).
  • Attempt to exploit these permissions to gain unauthorized access.
  • Document your findings and the steps you took to exploit the vulnerabilities.
Four other activities
Expand to see all activities and additional details
Show all seven activities
Document Privilege Escalation Techniques
Solidify your understanding of different privilege escalation methods by documenting each technique. This will force you to understand the underlying mechanisms and how to apply them.
Show steps
  • Choose a specific privilege escalation technique (e.g., SUID exploitation, kernel exploits).
  • Research the technique thoroughly, understanding its prerequisites and limitations.
  • Write a detailed explanation of the technique, including code examples and step-by-step instructions.
  • Test the technique in a virtual machine and document your results.
Build a Privilege Escalation Cheat Sheet
Create a comprehensive cheat sheet of Linux privilege escalation techniques. This will serve as a valuable reference during penetration tests and security assessments.
Show steps
  • Research and compile a list of common Linux privilege escalation techniques.
  • For each technique, document the steps required to exploit it, including commands and code snippets.
  • Organize the cheat sheet in a logical and easy-to-navigate format.
  • Test the cheat sheet in a virtual machine and refine it based on your findings.
Study 'Penetration Testing: A Hands-On Introduction to Hacking'
Expand your knowledge of penetration testing methodologies to better understand the context of privilege escalation.
View Penetration Testing: A Hands-On Introduction to... on Amazon
Show steps
  • Obtain a copy of 'Penetration Testing: A Hands-On Introduction to Hacking'.
  • Read the chapters covering Linux exploitation and privilege escalation.
  • Practice the techniques described in the book on a virtual machine.
Contribute to LinPEAS or other enumeration tools
Improve your understanding of privilege escalation by contributing to open-source enumeration tools like LinPEAS. This will expose you to real-world code and help you learn from experienced developers.
Show steps
  • Explore the LinPEAS project on GitHub.
  • Identify potential improvements or bug fixes.
  • Submit a pull request with your changes.
  • Respond to feedback from the project maintainers.

Career center

Learners who complete Linux Privilege Escalation Examples From Zero to Hero - OSCP will develop knowledge and skills that may be useful to these careers:
Penetration Tester
A penetration tester simulates cyberattacks on computer systems to identify vulnerabilities, and this course directly aligns with that goal. The course provides a deep dive into Linux privilege escalation techniques which are essential for a penetration tester to exploit and secure systems. The course's hands-on examples, including exploiting bad permissions using passwd and SUID, directly translate to the skills needed for breaking into systems in a controlled environment. Learning to use tools like hashcat and linpeas, as covered in this course, are essential to perform a complete penetration test. By understanding how to escalate privileges, a penetration tester can better assess risk and recommend appropriate security improvements.
See salaries and explore the career path for Penetration Tester
Security Analyst
A security analyst monitors and analyzes security incidents, and this course is highly relevant to that role. The course focuses specifically on Linux privilege escalation, which is a key attack vector that a security analyst needs to understand. A security analyst can use this course to learn how to identify and respond to privilege escalation attempts. The course's insights into how to prevent such attacks, combined with real world examples, provides a deeper understanding of vulnerabilities. The course's overview of setting up a Linux server will help a security analyst better understand the systems they are defending. By studying examples of attacks, a security analyst can develop better strategies of defense.
See salaries and explore the career path for Security Analyst
Cybersecurity Engineer
A cybersecurity engineer designs and implements security solutions, and this course will greatly benefit individuals in this profession. This course's lessons on Linux privilege escalation are very important in designing secure systems. A cybersecurity engineer needs to understand the nature of these attacks in order to to configure systems to prevent them. Exposure to the tools and techniques in the course, like SUID and sudo, allows a cybersecurity engineer to understand the practicalities of securing a Linux environment. The course will enhance the cybersecurity engineer's ability to implement specific defenses by using real-world attack scenarios. The knowledge learned from this course would be useful for engineers working in operations.
See salaries and explore the career path for Cybersecurity Engineer
Vulnerability Analyst
A vulnerability analyst identifies and assesses security weaknesses in systems, and this course on Linux privilege escalation is highly relevant to the role. This course directly addresses the vulnerabilities around privilege escalation a vulnerability analyst must be able to spot. The course focuses explicitly on how these attacks can be conducted and prevented. The course's practical scenarios, like exploiting bad permissions, including passwd, and SUID, provide knowledge that directly informs a vulnerability analyst's job function. Additionally, the tools discussed in this course are often used by vulnerability analysts to assess systems. A vulnerability analyst better understands how attackers operate by studying this course, which enables them to develop effective strategies to mitigate risk.
See salaries and explore the career path for Vulnerability Analyst
Information Security Specialist
An information security specialist protects data and infrastructure, and this course provides valuable insights for doing so. The course's focus on Linux privilege escalation techniques is precisely the kind of knowledge an information security specialist needs to perform their duties. Information security specialists can use the course to learn about how these attacks are conducted and how to prevent and mitigate them. Specifically, understanding command-line attacks and shell exploits in Linux is essential for information security work. The course's hands-on approach, such as exploiting vulnerable permissions within the command line will help an information security specialist better understand and protect their systems. An information security specialist needs to be aware of these threats for defense or remediation.
See salaries and explore the career path for Information Security Specialist
System Administrator
A system administrator manages computer systems, and this course can be helpful for those who wish to secure their Linux environments. The course teaches how to identify vulnerabilities in privilege escalation, an important skill for a system administrator. The skills taught in this course, from setting up servers to understanding attack vectors like SUID and sudo, can translate to the day-to-day responsibilities of a system administrator. The course will improve a system administrator's ability to monitor the security of their systems. A system administrator can directly apply the course's lessons to hardening the Linux systems they manage. Although the course focuses specifically on attacks, using the information to strengthen defenses makes it a strong fit for system administration.
See salaries and explore the career path for System Administrator
Network Security Engineer
A network security engineer designs and implements network security measures, and this course may be useful in that role. While the course emphasizes Linux privilege escalation, understanding this component of system vulnerability may help a network security engineer improve overall network security. A network security engineer must understand security threats and this course provides concrete examples of what can go wrong in a system. The lessons on preventing such attacks, while specific to Linux, can influence how a network security engineer designs and hardens a network. The lessons on command line attacks and shell exploits are valuable to a security engineer as such tools are used within networks. Taking this course may help a network security engineer better understand the threats that could impact a network.
See salaries and explore the career path for Network Security Engineer
Security Consultant
A security consultant provides expert advice on security practices, and this course may complement the skills they need for their role. The course focuses on Linux privilege escalation, which is a very useful topic for security consultants to know. A security consultant can leverage this course's practical examples of system vulnerabilities to better advise clients. The course's content on how to prevent attacks enhances the consultant's understanding of Linux security, which is valuable when performing security audits. The course will help a security consultant make informed recommendations to clients. The course's focus on tools of attack and defense can help a security consultant guide their clients.
See salaries and explore the career path for Security Consultant
Cloud Security Specialist
A cloud security specialist secures cloud infrastructure, and this course may be useful to them. Although the cloud often uses containers and virtual servers, it may run on Linux, making this course relevant. The course on Linux privilege escalation will allow a cloud security specialist to better understand how attackers can compromise systems in the cloud. The course provides insight into the practical side of vulnerabilities that a cloud security specialist can use to build better defenses. Understanding the command line tools, like bash and vim, used in this course can help a cloud specialist understand how attacks work on cloud systems. A cloud security specialist may find the course useful.
See salaries and explore the career path for Cloud Security Specialist
DevOps Engineer
A DevOps engineer manages the infrastructure and processes for software development, and this course may be useful. The course emphasizes Linux security, which is crucial because much of the infrastructure used by DevOps engineers is built on Linux. A DevOps engineer may find the course useful because an important part of their job is securing their infrastructure. A DevOps engineer can learn how to defend their infrastructure by understanding how it can be attacked. The course, while emphasizing privilege escalation attacks, can help improve a DevOps engineer's understanding of the Linux systems they are maintaining. This knowledge can be used by a DevOps engineer to improve the security of the infrastructure.
See salaries and explore the career path for DevOps Engineer
Software Developer
A software developer builds software applications, and this course may be useful especially if they work with Linux. The course focuses on Linux privilege escalation, which helps teach a software developer how a system can be compromised. Software developers can use this course as an opportunity to learn about the vulnerabilities that they might introduce with their code. The course's hands on approach will help a software developer understand the kinds of mistakes that can lead to security issues. Although not directly related to their core responsibilities of creating code, taking this course may make them a more security conscious developer. A software developer might find the course useful for their own knowledge and growth.
See salaries and explore the career path for Software Developer
IT Auditor
An IT auditor reviews IT systems for compliance and security, and this course may give them extra insight. The course's focus on Linux privilege escalation techniques provides an auditor with an understanding of potential system vulnerabilities. The course's practical approach will enhance a IT auditor's understanding of the kinds of security issues associated with Linux systems. The course's examples will give an IT auditor insight into the kinds of security weaknesses that need to be checked for compliance. While not directly in line with day-to-day actions, this course can be a helpful tool for an IT auditor to better assess overall risk. An IT auditor wishing for a more technical background may find this course useful.
See salaries and explore the career path for IT Auditor
Technical Support Specialist
A technical support specialist provides assistance to computer issues, and this course may be useful for additional knowledge. The course focuses on Linux privilege escalation which can enhance a technician's troubleshooting skills. The course's content on understanding Linux systems and their security weaknesses may be useful for a technician working on servers. While the focus of the course is not directly related day to day help desk tasks, understanding the command line and how it can be exploited will help a technician understand more about Linux. A technical support specialist with an interest in cybersecurity and system administration may find this course useful. The course provides insights into how problems can occur.
See salaries and explore the career path for Technical Support Specialist
Data Scientist
A data scientist analyzes and interprets data, and this course may be useful if they must work within a Linux environment. The course covers Linux privilege escalation, which can help a data scientist using Linux improve their understanding of system security. The course goes over command line operations and system settings which are helpful for a data scientist who works in a command line environment. While not directly related to data science, knowing how systems can be attacked and how to prevent these attacks can help a data scientist protect their environment. A data scientist that wishes to expand their skills may find this course useful.
See salaries and explore the career path for Data Scientist
Project Manager
A project manager organizes projects, and this course may provide some background knowledge. The course focuses on Linux privilege escalation, which is not traditionally part of a project manager's work, but an understanding of cybersecurity may be valuable. While this course does not provide direct project management skills, an interest in cybersecurity may be useful for a manager who runs a technical team. The course's practical examples may help a project manager understand the technical risks of a project. A project manager might find this course interesting, but it's not directly relevant to their day-to-day work.
See salaries and explore the career path for Project Manager

Reading list

We've selected two books that we think will supplement your learning. Use these to develop background knowledge, enrich your coursework, and gain a deeper understanding of the topics covered in Linux Privilege Escalation Examples From Zero to Hero - OSCP.
Cover image
Linux Basics for Hackers, 2nd Edition
Save
Provides a solid foundation in Linux, specifically tailored for penetration testers and security professionals. It covers essential command-line tools, networking concepts, and security principles. It's a great resource for understanding the underlying system you'll be exploiting. This book is particularly helpful for those new to Linux or those wanting to brush up on their skills.
Linux Basics for Hackers, 2nd Edition
Paperback
$$
Linux Basics for Hackers, 2nd Edition
Kindle Edition
$$
Cover image
Penetration Testing
Save
Provides a broad overview of penetration testing methodologies, including vulnerability assessment and exploitation. While not solely focused on privilege escalation, it provides valuable context and techniques that are relevant to the course. It's a good resource for understanding the bigger picture of security testing. This book is more valuable as additional reading than it is as a current reference.
Penetration Testing: A Hands-On Introduction to...
Paperback
$$
Penetration Testing: A Hands-On Introduction to...
Kindle Edition
$$

Share

Help others find this course page by sharing it with your friends and followers:
Facebook
LinkedIn
Reddit
X
Link
Email

Similar courses

Similar courses are unavailable at this time. Please try again later.
Effort
5 total hours
Via
Udemy
Instructor
Security Gurus
Language
English
Good to know
Covers privilege escalation techniques, which are essential for penetration testing and vulnerability assessment
Aims to help learners achieve their OSCP certification, which validates skills in penetration testing
Teaches how to prevent privilege escalation, which is crucial for securing Linux systems against attacks
Requires learners to set up a Linux server in VirtualBox, implying a need for familiarity with virtualization
Explores exploiting bad permissions, SUID, SUDO, and Crontab, which are common privilege escalation vectors
Employs tools like Linpeas and Lin.Security, which are widely used for privilege escalation enumeration and exploitation
Share and help others discover this course.
Facebook LinkedIn X Reddit Link Email
Don't miss out
Enroll today to gain access to this course
Enroll in this course
Our mission

OpenCourser helps millions of learners each year. People visit us to learn workspace skills, ace their exams, and nurture their curiosity.

Our extensive catalog contains over 50,000 courses and twice as many books. Browse by search, by topic, or even by career interests. We'll match you to the right resources quickly.

Find this site helpful? Tell a friend about us.

Affiliate disclosure

We're supported by our community of learners. When you purchase or subscribe to courses and programs or purchase books, we may earn a commission from our partners.

Your purchases help us maintain our catalog and keep our servers humming without ads.

Thank you for supporting OpenCourser.

© 2016 - 2025 OpenCourser