linux privilege escalation

SKILL.md

Execute systematic privilege escalation assessments on Linux systems to identify and exploit misconfigurations, vulnerable services, and security weaknesses that allow elevation from low-privilege user access to root-level control. This skill enables comprehensive enumeration and exploitation of kernel vulnerabilities, sudo misconfigurations, SUID binaries, cron jobs, capabilities, PATH hijacking, and NFS weaknesses.

Basic System Information Gather fundamental system details for vulnerability research:

| 2.6.x - 3.x | Dirty COW | CVE-2016-5195 | | 4.4.x - 4.13.x | Double Fetch | CVE-2017-16995 | | 5.8+ | Dirty Pipe | CVE-2022-0847 |

當用戶要求“在 Linux 上升級權限”、“在 Linux 系統上查找 privesc 向量”、“利用 sudo 錯誤配置”、“濫用 SUID 二進製文件”、“利用 cron 作業進行 root 訪問”、“枚舉 Linux 系統進行權限升級”或“從低權限 shell 獲得 root 訪問權限”時，應使用此技能。它提供了用於識別和利用 Linux 系統上的權限升級路徑的全面技術。 來源：jpropato/siba。

查看原文