Linux Privilege Escalation for OSCP & Beyond! from Udemy

What's inside

Learning objectives

Multiple methods for escalating privileges on a linux system.
In depth explanations of why and how these methods work.

Tools which can help identify potential privilege escalation vulnerabilities on a linux system.
A free intentionally vulnerable debian linux vm to practice privilege escalation on.

Multiple methods for escalating privileges on a linux system.
In depth explanations of why and how these methods work.
Tools which can help identify potential privilege escalation vulnerabilities on a linux system.
A free intentionally vulnerable debian linux vm to practice privilege escalation on.

Syllabus

Introduction

An introduction to your lecturer and what the course covers, as well as setting up the practice Debian VM. The VM is provided as a downloadable material in this lecture, as are the full slides for the entire course. These slides contain all the information from the video lectures, as well as step-by-step instructions for performing the privilege escalations.

A brief summary of what we mean by privilege escalation in the context of Linux systems.

An in-depth look at how Linux handles permissions, which is essential to understanding how to escalate privileges.

A few ways to spawn root shells in Linux, all of which will make an appearance in the course.

An overview and demo of two popular privilege escalation enumeration tools for Linux.

Privilege Escalation Techniques

A look at Linux Kernel exploits and a demo of the Dirty Cow exploit that can be used to spawn a root shell.

An overview of service exploits which can lead to root, as well as a demo of a complicated MySQL exploit.

Multiple methods for exploiting weak file permissions in order to escalate privileges in Linux.

A look at a number of misconfigurations in the Sudo command which can lead to privilege escalation.

Exploiting weaknesses in cron jobs to execute commands with root privileges.

A detailed look into SUID and SGID executable files that includes several methods for discovering and exploiting weaknesses to gain elevated privileges.

Common locations to look for passwords and keys that may allow you to log in as the root user.

An overview of NFS and a dangerous misconfiguration which lets you create files as the root user.

A concluding video to the course which briefly discusses privilege escalation strategy.

A brief discussion about privilege escalation strategy to end the course.

Good to know

Know what's good

, what to watch for

, and possible dealbreakers

Teaches multiple privilege escalation techniques in Linux, including methods like exploiting kernel exploits, service exploits, weak file permissions, Sudo misconfigurations, cron jobs, and SUID/SGID executables

Provides a free intentionally vulnerable Debian Linux VM for students to practice privilege escalation on

Includes in-depth explanations of how and why each privilege escalation technique works

Offers a comprehensive set of slides (170+) covering all the information from the video lectures and step-by-step instructions for performing the privilege escalations

Covers common forms of privilege escalation specifically relevant to students preparing for the OSCP

Taught by Tib3rius, experienced instructors in the field of privilege escalation and security

Activities

Be better prepared before your course. Deepen your understanding during and after it. Supplement your coursework and achieve mastery of the topics covered in Linux Privilege Escalation for OSCP & Beyond! with these activities:

Review Linux permissions and file system basics

Show steps

Ensure you have a solid understanding of Linux permissions and file system basics, which are essential for privilege escalation.

Show steps

Review lecture materials on Linux permissions and file system basics
Read articles or blog posts on the topic
Complete practice exercises to reinforce your understanding

Compile and review course materials

Show steps

Strengthen your understanding of the course material by reviewing and organizing your notes, assignments, and quizzes.

Show steps

Gather and organize your course materials
Review and summarize key concepts
Identify areas where you need additional clarification
Seek support from the instructor or peers if needed

Participate in peer practice sessions

Show steps

Collaborate with peers to practice privilege escalation techniques and share your knowledge and experiences.

Show steps

Find a study group or connect with other students in the course
Organize regular practice sessions
Take turns leading sessions and presenting techniques
Provide feedback and support to each other

Three other activities

Expand to see all activities and additional details

Show all six activities

Build a simple Linux system to practice privilege escalation

Show steps

Gain hands-on experience with privilege escalation by building a simple Linux system from scratch.

Show steps

Install a minimal Linux distribution
Configure basic network and file system settings
Install and configure essential services
Create user accounts and assign permissions
Test your privilege escalation techniques on your custom system

Develop a privilege escalation strategy for a target system

Show steps

Demonstrate your understanding and ability to apply privilege escalation techniques by developing a comprehensive strategy for a specific target system.

Show steps

Identify and analyze a target system
Research and gather information about potential vulnerabilities
Develop a step-by-step strategy to escalate privileges on the target system
Document your strategy and findings
Review and refine your strategy based on feedback

Participate in a security challenge or CTF event

Show steps

Challenge yourself and test your privilege escalation skills by participating in a real-world security challenge or CTF event.

Show steps

Find a suitable security challenge or CTF event
Register and prepare for the event
Work on solving the challenges
Collaborate with others and learn from your experiences
Analyze your performance and identify areas for improvement

Career center

Learners who complete Linux Privilege Escalation for OSCP & Beyond! will develop knowledge and skills that may be useful to these careers:

Penetration Tester

Penetration Testers are responsible for evaluating the security of computer systems and networks by attempting to exploit vulnerabilities and gain unauthorized access, much like an attacker would. The Linux Privilege Escalation for OSCP course teaches multiple methods for escalating privileges on a Linux system and provides an in-depth understanding of why and how these methods work, making it a valuable resource for Penetration Testers who want to improve their skills and stay ahead of potential adversaries.

See salaries and explore the career path for Penetration Tester

Ethical Hacker

Ethical Hackers are responsible for testing the security of computer systems and networks by attempting to exploit vulnerabilities and gain unauthorized access, much like an attacker would, but with the intention of improving the security of the system. The Linux Privilege Escalation for OSCP course teaches multiple methods for escalating privileges on a Linux system and provides an in-depth understanding of why and how these methods work, making it a valuable resource for Ethical Hackers who want to improve their skills and stay ahead of potential adversaries.

See salaries and explore the career path for Ethical Hacker

Security Engineer

Security Engineers are responsible for designing, implementing, and maintaining security measures to protect data and systems, and they may use privilege escalation techniques to gain access to systems or to escalate privileges in order to perform maintenance tasks. The Linux Privilege Escalation for OSCP & Beyond course teaches multiple methods for escalating privileges on a Linux system and provides an in-depth understanding of why and how these methods work, making it a valuable resource for Security Engineers who want to improve their skills and stay ahead of potential threats.

See salaries and explore the career path for Security Engineer

Security Analyst

Security Analysts are responsible for monitoring and analyzing security data to identify threats and vulnerabilities, and they may use privilege escalation techniques to gain access to systems or to escalate privileges in order to investigate security incidents. The Linux Privilege Escalation for OSCP & Beyond course teaches multiple methods for escalating privileges on a Linux system and provides an in-depth understanding of why and how these methods work, making it a valuable resource for Security Analysts who want to improve their skills and stay ahead of potential attackers.

See salaries and explore the career path for Security Analyst

Network Security Engineer

Network Security Engineers are responsible for designing, implementing, and maintaining security measures to protect networks from unauthorized access and attacks, and they may use privilege escalation techniques to gain access to systems or to escalate privileges in order to perform maintenance tasks. The Linux Privilege Escalation for OSCP & Beyond course teaches multiple methods for escalating privileges on a Linux system and provides an in-depth understanding of why and how these methods work, making it a valuable resource for Network Security Engineers who want to improve their skills and stay ahead of potential threats.

See salaries and explore the career path for Network Security Engineer

Cybersecurity Engineer

Cybersecurity Engineers are responsible for developing and implementing security strategies to protect data and systems from cyber attacks, and they may use privilege escalation techniques to gain access to systems to perform security assessments or to perform maintenance tasks. The Linux Privilege Escalation for OSCP & Beyond course teaches multiple methods for escalating privileges on a Linux system and provides an in-depth understanding of why and how these methods work, making it a valuable resource for Cybersecurity Engineers who want to improve their skills and stay ahead of potential attackers.

See salaries and explore the career path for Cybersecurity Engineer

SOC Analyst

SOC Analysts are responsible for monitoring and analyzing security data to identify threats and vulnerabilities in real time, and they may use privilege escalation techniques to gain access to systems or to escalate privileges in order to investigate security incidents. The Linux Privilege Escalation for OSCP & Beyond course teaches multiple methods for escalating privileges on a Linux system and provides an in-depth understanding of why and how these methods work, making it a valuable resource for SOC Analysts who want to improve their skills and stay ahead of potential attackers.

See salaries and explore the career path for SOC Analyst

Information Security Analyst

The ability to escalate privileges on a Linux system is a valuable skill for many professionals in cybersecurity, including Information Security Analysts. These professionals are responsible for protecting their organization's data and systems from unauthorized access, and they may use privilege escalation techniques to gain access to systems or to escalate privileges in order to debug problems or perform maintenance. The Linux Privilege Escalation for OSCP & Beyond course teaches you multiple methods for escalating privileges on a Linux system and provides an in-depth understanding of why and how these methods work, making it a valuable resource for Information Security Analysts who want to improve their skills and stay ahead of potential attackers.

See salaries and explore the career path for Information Security Analyst

Vulnerability Researcher

Vulnerability Researchers are responsible for discovering and reporting security vulnerabilities in computer systems and software, and they may use privilege escalation techniques to gain access to systems or to escalate privileges in order to test the security of the system.

See salaries and explore the career path for Vulnerability Researcher

Incident Responder

Incident Responders are responsible for responding to security incidents and mitigating their impact, and they may use privilege escalation techniques to gain access to systems or to escalate privileges in order to contain the incident or to collect evidence.

See salaries and explore the career path for Incident Responder

Malware Analyst

Malware Analysts are responsible for analyzing malware to understand how it works and how to protect against it, and they may use privilege escalation techniques to gain access to systems or to escalate privileges in order to collect samples or to analyze the malware in a controlled environment.

See salaries and explore the career path for Malware Analyst

Forensic Investigator

Forensic Investigators are responsible for investigating cybercrime and recovering evidence, and they may use privilege escalation techniques to gain access to systems or to escalate privileges in order to collect evidence.

See salaries and explore the career path for Forensic Investigator

Systems Administrator

Systems Administrators are responsible for managing and maintaining computer systems and networks, and they may use privilege escalation techniques to gain access to systems or to escalate privileges in order to perform maintenance tasks or to troubleshoot problems.

See salaries and explore the career path for Systems Administrator

Cloud Security Engineer

Cloud Security Engineers are responsible for securing cloud computing environments, and they may use privilege escalation techniques to gain access to systems or to escalate privileges in order to perform security assessments or to perform maintenance tasks.

See salaries and explore the career path for Cloud Security Engineer

Database Administrator

Database Administrators are responsible for managing and maintaining databases, and they may use privilege escalation techniques to gain access to systems or to escalate privileges in order to perform maintenance tasks or to troubleshoot problems.

See salaries and explore the career path for Database Administrator