
Privilege escalation misconfigurations check for Linux


Introduction

Privilege escalation refers to the act of gaining elevated access to a system, application or resource that is not normally available to a user. Privilege escalation attacks are among the most common types of attacks that can be conducted on any operating system, including Linux. One way to mitigate the risks associated with privilege escalation attacks is to perform regular misconfiguration checks. In this blog post, we will discuss some of the privilege escalation misconfiguration checks that you can perform on a Linux system.

Here are two methods for finding misconfigurations that could allow local unprivileged users to escalate privileges to other users or to access local apps. They help administrators find potential misconfigurations and fix them early.

Locally

Get the tool from Kali Linux or from https://pentestmonkey.net/tools/audit/unix-privesc-check.

## scan (the tool needs a mode: "standard", or "detailed" for a slower, more thorough run)
unix-privesc-check standard

Remotely

changeme

apt install changeme
## e.g.
changeme -a 192.168.100.1

dirsearch

## quote the wildcard so the shell does not expand it to local file names
dirsearch -u "192.168.100.1:443/" -e "*"

Conclusion

In conclusion, privilege escalation attacks are a significant threat to Linux systems. It is important to perform regular misconfiguration checks to prevent unauthorized access and ensure the security of your system. By examining the sudoers file configuration, file permissions, and cron jobs, you can help to mitigate the risks associated with privilege escalation attacks on your Linux system.
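
The three checks named above (sudoers rules, file permissions, cron jobs) as a small added example; it is not part of the original post or of unix-privesc-check. The function names and the root-prefix argument are assumptions made here so that the script can be pointed at `/` or at a mounted disk image.

```shell
#!/bin/sh
# Added example: audit sudoers, file permissions and cron under a root prefix.
# Function names and the prefix argument are illustrative, not from any tool.

# Succeeds when $1 is a file or directory writable by group or others.
loose_perms() {
    [ -e "$1" ] &&
    [ -n "$(find -L "$1" -prune \( -type f -o -type d \) \
            \( -perm -020 -o -perm -002 \) -print 2>/dev/null)" ]
}

# sudoers: report rules that skip the password prompt (comment lines ignored).
audit_sudoers() {
    for f in "$1/etc/sudoers" "$1"/etc/sudoers.d/*; do
        [ -f "$f" ] || continue
        grep -n '^[^#]*NOPASSWD' "$f" 2>/dev/null |
        while IFS= read -r hit; do echo "SUDO_NOPASSWD ${f#"$1"}:$hit"; done
    done
}

# File permissions: account, sudo and cron files must not be group/other-writable.
audit_file_perms() {
    for p in etc/passwd etc/shadow etc/sudoers etc/sudoers.d etc/crontab etc/cron.d; do
        if loose_perms "$1/$p"; then echo "LOOSE_PERMS /$p"; fi
    done
}

# cron: report absolute paths named in system crontabs that are group/other-writable.
audit_cron_targets() {
    for f in "$1/etc/crontab" "$1"/etc/cron.d/*; do
        [ -f "$f" ] || continue
        # Strip comments, split into words, keep the ones that look like paths.
        sed 's/#.*//' "$f" | tr -s '[:space:]' '\n' | grep '^/' | sort -u |
        while IFS= read -r path; do
            if loose_perms "$1$path"; then echo "CRON_TARGET_WRITABLE $path"; fi
        done
    done
}

audit_all() {
    audit_sudoers "$1"; audit_file_perms "$1"; audit_cron_targets "$1"
}

# Run against a prefix when one is given, e.g. `sh audit.sh /` for the live system.
if [ "$#" -gt 0 ]; then audit_all "${1%/}"; fi
```

Every line of output is a finding to review rather than a confirmed problem: a group-writable file owned by a trusted group, or a shared directory such as /tmp named in a crontab, will also be listed.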
