Skip to main content

Basics of Privilege escalation

Understanding about the user and privileges associated are key to PrivEsc.

  1. About the users
    1. who is the user
    2. which groups does the user belong to.
    3. Does the user have any elevated privileges.
  2. User Environment
    1. What is the OS Architecture
      1. Which Version and distribution
    2. Any Environment Variable
  3. Folders and files access
    1. Are there any hidden folder in the home directory.
    2. User history file
    3. Are there any version control product accessible.
    4. List Other users directories
  4. Process or Services
    1. Which services are run by root or super user
      1. Are there any miss configurations of these services
    2. Are there any cron or scheduled jobs
  5. Application
    1. Which applications are installed
      1. Miss configurations
      2. Are these configs writable
    2. Are there any hardcoded passwords
  6. Network Configuration

Get started There is no other day to start a new beginning.