Checklist (priv esc)
Note: Linux page has few notes if you missed it
Check linux OS version
Check kernel version (
uname -a
)Check sudo binary (
find / -perm -4000 -ls >2/dev/null
)sudo -l
to check if any sudo bit is enabled for that usercheck : https://gtfobins.github.io/ for sudo binary exploits
check cron jobs (
/etc/cronjobs
)well if you cant check root's cronjob directly ....... pspy might help
run
grep -nrw /dir/to/search/in -e "/path/of/script_or_file 2>/dev/null"
to check if any file runs/uses the file.
run pspy64 script (https://github.com/DominicBreuker/pspy)
Edit access on sudo script
Last updated