Skip to content

Privilege escalation misconfigurations check for Linux

homepage-banner

Introduction

Privilege escalation refers to the act of gaining elevated access to a system, application or resource that is not normally available to a user. Privilege escalation attacks are among the most common types of attacks that can be conducted on any operating system, including Linux. One way to mitigate the risks associated with privilege escalation attacks is to perform regular misconfiguration checks. In this blog post, we will discuss some of the privilege escalation misconfigurations checks that you can perform on a Linux system.

Here are 2 methods trying to find misconfigurations that could allow local unprivileged users to escalate privileges to other users or to access local apps. It helps administrator to find the potential misconfigurations and fix them early.

Locally

Get binary from Kali Linux or https://pentestmonkey.net/tools/audit/unix-privesc-check.

## scan
unix-privesc-check

Remotely

changeme

apt install changeme
## e.g.
changeme -a 192.168.100.1

dirsearch

dirsearch -u "192.168.100.1:443/" -e *

Conclusion

In conclusion, privilege escalation attacks are a significant threat to Linux systems. It is important to perform regular misconfiguration checks to prevent unauthorized access and ensure the security of your system. By examining the sudoers file configuration, file permissions, and cron jobs, you can help to mitigate the risks associated with privilege escalation attacks on your Linux system.

Small world. Big idea!
  • Welcome to visit the knowledge base of SRE and DevOps!
  • License under CC BY-NC 4.0
  • No personal information is collected
  • Made with Material for MkDocs and generative AI tools
  • Copyright issue feedback me#imzye.com, replace # with @
  • Get latest SRE news and discuss on Discord Channel