Linux Privilege Escalation – Full Free Course
Upload of the full Linux Exploitation Course.
All the material developed for the course is available in the OSCP repository, link down below.
————————-
TIMESTAMP
00:00:00 Linux Privilege Escalation Course
######### 01 Introduction to the Linux Shell
00:05:58 Introduction
00:08:00 CLI vs GUI
00:13:23 Anatomy of a command
00:19:13 Differences between Terminal, TTY and Shell
00:24:23 Basic Commands
00:39:20 Relative and Absolute Paths
00:43:18 File System Commands
00:55:58 Resources Management Commands
01:05:58 Users Management Commands
01:12:43 Packages Management Commands
01:19:46 Conclusion
######### 02 File System Permissions
01:24:04 Introduction
01:25:04 MAN pages
01:30:26 How linux handles file permissions
01:45:34 Pratice on reading permissions
01:51:59 How to set new permissions with chmod
02:03:59 SUID and GUID bits
02:13:19 The sudo subsystem
02:19:39 How to change owner with chown
######### 03 PATH Hijacking
02:22:03 Introduction
02:23:13 What is the PATH?
02:29:33 How is the PATH used?
02:37:03 Example of a vulnerable program
02:44:58 PATH hijacking
02:47:43 Conclusion
######### 04 SUID Exploitation
02:50:21 Introduction
02:51:21 What is SUID?
02:56:11 Security Issues with SUID
02:58:21 Real Effective and Saved User IDs
03:01:01 Example of a SUID binary
03:04:11 GTFObins
03:05:11 SUID Exploitation 1 – wget
03:08:56 SUID Exploitation 2 – hexdump
03:11:16 SUID Exploitation 3 – ssh-keygen
03:15:56 SUID Exploitation 4 – Emacs and Vim
03:17:41 Searching for SUID binaries
######### 05 SUDO Exploitation
03:19:46 Introductionv
03:21:11 Docker Setup
03:24:06 What is SUDO?
03:28:26 Reading output of sudo -l
03:32:20 Reading SUDO configuration file
03:38:16 Update SUDO configuration with visudo
03:39:46 Exploiting SUDO
03:42:47 Example 1 – ALL NOPASSWD
03:45:31 Example 2 – pip install
03:52:46 Example 3 – tar
03:55:46 Example 4 – base64
04:00:06 Conclusion
######### 06 Wildcard Expansion Exploitation
04:01:13 Introduction
04:02:33 Shell wildcards
04:09:43 The danger of wildcards
04:12:03 Scenario 1 – tar
04:18:58 Scenario 2 – find
04:25:25 Scenario 3 – rsync
04:30:05 Conclusion
######### 07 Reverse Shells in Linux
04:31:23 Introduction
04:32:18 Docker Setup
04:34:13 Reverse Shell vs Bind Shell
04:38:23 Reverse Shells are Better
04:42:23 File Transfer Commands
04:50:23 Spawning Reverse Shells
04:51:33 Payload 1 – Bash
04:57:33 Payload 2 – Python
05:01:34 Payload 3 – Perl
05:02:03 Payload 4 – Php
05:02:23 Payload 5 – Ruby
05:03:56 Conclusion
######### 08 Unshadow Attack
05:05:20 Introduction
05:06:35 Docker setup
05:07:50 Shadow and Passwd files
05:15:55 Compute shadow hashes
05:18:40 The role of salt
05:20:45 Wordlists and rockyou.txt
05:22:42 Unshadow attack
05:29:12 Conclusion
######### 09 System Enumeration
05:30:05 Introduction
05:32:10 The value of Enumeration
05:34:50 What to Enumerate
05:48:08 How to Enumerate
06:03:56 Automated Scripts
06:09:05 Conclusion
######### 10 Cronjob Enumeration
06:10:24 Introduction
06:11:39 What is a Cronjob
06:14:19 Cronjob Configuration
06:22:59 Cronjob Enumeration
06:29:49 Cronjob Exploitation
06:35:57 Conclusion
######### 11 Capabilities Enumeration
06:36:23 Introduction
06:37:28 What are capabilities in Linux
06:44:57 How to configure capabilities
06:47:13 How to enumerate capabilities
06:50:28 Powerful capabilities for exploitations
06:53:03 Example cap setuid
06:56:23 Example cap sys ptrace
07:02:13 Conclusion
######### 12 Local Service Exploitation
07:11:54 Local Port Forwarding
07:25:59 Remote Port Forwarding
######### 13 Linux Binary Exploitation
07:30:00 What is a Buffer Overflow
######### 14 Linux Kernel Exploitation
08:11:59 On the danger of Kernel Exploits
————————-
REFERENCES
– Material: https://github.com/LeonardoE95/yt-en/tree/main/src/-
– OSCP repository: https://github.com/LeonardoE95/OSCP
————————-
CONTACTS
– Blog: https://blog.leonardotamiano.xyz/
– Github: https://github.com/LeonardoE95?tab=repositories
– Support: https://www.paypal.com/donate/?hosted_button_id=T49GUPRXALYTQ
Views : 16847
linux
