Linux - Privilege Escalation Content of this page has been moved to InternalAllTheThings/redteam/persistence/linux-persistence Tools Checklist Looting for passwords Files containing passwords Old passwords in /etc/security/opasswd Last edited files In memory passwords Find sensitive files SSH Key Sensitive files SSH Key Predictable PRNG (Authorized_Keys) Process Scheduled tasks Cron jobs Systemd timers SUID Find SUID binaries Create a SUID binary Capabilities List capabilities of binaries Edit capabilities Interesting capabilities SUDO NOPASSWD LD_PRELOAD and NOPASSWD Doas sudo_inject CVE-2019-14287 GTFOBins Wildcard Writable files Writable /etc/passwd Writable /etc/sudoers NFS Root Squashing Shared Library ldconfig RPATH Groups Docker LXC/LXD Hijack TMUX session Kernel Exploits CVE-2022-0847 (DirtyPipe) CVE-2016-5195 (DirtyCow) CVE-2010-3904 (RDS) CVE-2010-4258 (Full Nelson) CVE-2012-0056 (Mempodipper) Share this content