A Deep Dive into Linux Privilege Escalation - Workshop now on GitHub!
In 2022, I had the pleasure of conducting a workshop on Linux Privilege Escalation (LPE) at my workplace. The special thing about it? We’ve made all the materials available on GitHub so that anyone can conduct this workshop themselves!
Together with a colleague, we spent an exciting time delving deep into this complex and fascinating topic. The workshop lasted about 1.5 to 2 hours - a short but intense period where we immersed ourselves in the depths of Linux permissions, kernel exploits, and much more.
What did we do?
Our workshop focused on various aspects of Linux Privilege Escalation. We explored topics like Capabilities, CronJobs, and Kernel Exploits. We used various tools and resources, including gtfobins and Linux Exploit Suggester to gain root permissions on a vulnerable virtual machine (VM, Dockerfile and Vagrantfile is available).
We also learned how to exploit vulnerabilities in file permissions and how to use Wildcard Injection to gain root privileges. It was an intense but rewarding experience that gave us a deep insight into the world of Linux security.
How can you participate?
For anyone interested in this topic, we have hosted all the necessary files for the workshop on GitHub. There you will find everything you need to start your own LPE adventure!
We look forward to your feedback and suggestions, either as disqus comment at the end of the blog post, on GitHub, or via email. It would be great if we could expand this workshop with more exciting LPE topics.
Final Thoughts
Conducting this workshop was an incredibly enriching experience. Not only did it help us deepen our understanding of Linux and security, but it also showed us the importance of continuous learning and expanding our skills.
We look forward to conducting more workshops in the future and sharing our knowledge with others. Until then, happy hacking!