Privilege Escalation - What to look for in enumeration?

cmetropo · August 1, 2018, 1:20pm

Being fairly noob to hands-on pentesting / hacking I wanted to see if anyone had a good resource for what to look for from different areas of post exploit enumeration. Take LinEnum output for example, beyond kernel and release information of the operating system, what do you look for in different areas of the output? Areas like permission groups, cronjobs, binaries, etc…

Is it mostly experience from having that hands on experience or do you have resources you could share that goes over various areas in detail?

0xklaue · August 1, 2018, 1:27pm

You might want to check this URL:

Experience also matters. A cronjob running, faulty SUID configuration, kernel information, misconfigured applications, are the basic ones which can give you some hints, and can easily give you privileged access to root.

This is what I see usually, else any elf, py, scripts, binaries are also misconfigured, which can be used as well.

Topic		Replies	Views
New Tool Released! - minum : Minimal Enumeration Tool Off-topic privilege-escalation , tool , automation	0	415	November 9, 2022
Enumeration for privilege escalation after getting a shell Other enumeration , privledge-elevation	2	1365	January 29, 2021
Where can I practice enumerating linux Other enumeration , root , linux , user	4	760	October 12, 2020
Improving at Windows Privilege Escalation Off-topic	11	3844	March 20, 2019
Linux Privilege Escalation - (running) Services Academy	0	14	September 17, 2024

Privilege Escalation - What to look for in enumeration?

Related topics