Linux Privilege Escalation
This room covers 8 distinct Linux privilege escalation techniques, each with its own target machine and flag. Starting from an unprivileged shell as user "karen", you'll enumerate the system, identify misconfigurations, and escalate to root. Techniques covered: kernel exploits (CVE-2015-1328), sudo abuse with GTFOBins, SUID/SGID file abuse, Linux capabilities, cron job hijacking, PATH manipulation, and NFS no_root_squash exploitation. The room ends with a capstone challenge that requires chaining multiple techniques.
Skills You Will Learn
Prerequisites
- thm-introtoshells
- thm-linuxfundamentals1
- linux-basics
- bash-scripting
Walkthrough Phases
Enumeration: Know Your Target
Systematically enumerate the target system to identify privesc vectors
Kernel Exploit: CVE-2015-1328
Exploit the overlayfs vulnerability to gain root
Sudo Abuse: GTFOBins
Exploit misconfigured sudo permissions to escalate to root
SUID/SGID Abuse
Find and exploit SUID binaries to read privileged files
Linux Capabilities
Enumerate and exploit binaries with elevated Linux capabilities
Cron Job Exploitation
Identify writable cron scripts and inject a reverse shell or a privilege escalation payload
PATH Manipulation
Abuse writable PATH directories to hijack command execution
NFS no_root_squash
Exploit NFS misconfiguration to plant a SUID binary and gain root
Capstone: Put It All Together
Escalate to root on the capstone machine using the techniques learned