🐧 Linux Privilege Escalation for Pentesters
A practical Linux Privilege Escalation cheat sheet designed for penetration testers, OSCP aspirants, red teamers, and CTF players to understand how attackers escalate privileges on Linux systems after gaining initial access.
🔵 Telegram – Join Channel
⚫ Twitter/X – Follow Us
🟣 Discord – Join Server
💼 LinkedIn – Follow HackingArticles
🚀 Join Our Cybersecurity Training Program
Hands-on training in Penetration Testing, Red Teaming, and Cybersecurity.
| # | Topic | Description | Article |
|---|---|---|---|
| 1 | 🔑 Abusing Sudo Rights | Escalate privileges by abusing misconfigured sudo permissions | Read Article |
| 2 | ⚙️ SUID Binaries | Exploit SUID binaries to execute commands with elevated privileges | Read Article |
| 3 | 🧩 Linux Capabilities | Abuse Linux capabilities assigned to binaries for privilege escalation | Read Article |
| 4 | 📦 LXD Privilege Escalation | Escalate privileges using LXD container misconfiguration | Read Article |
| 5 | 🐳 Docker Privilege Escalation | Gain root access via Docker container misconfiguration | Read Article |
| 6 | ⏰ Exploiting Cron Jobs | Abuse scheduled cron jobs to execute malicious commands | Read Article |
| 7 | 📝 Writable /etc/passwd File | Escalate privileges by modifying the /etc/passwd file | Read Article |
| 8 | 🌐 Misconfigured NFS | Exploit NFS misconfigurations to gain root privileges | Read Article |
| 9 | 🃏 Exploiting Wildcard | Abuse wildcard expansion in scripts to escalate privileges | Read Article |
| 10 | 🧠 LD_PRELOAD | Inject malicious libraries via LD_PRELOAD to escalate privileges | Read Article |
| 11 | 🛠️ PATH Variable Exploit | Exploit PATH variable misconfiguration to run malicious binaries | Read Article |
| 12 | 🐍 Python Library Hijacking | Hijack Python libraries used by privileged scripts | Read Article |
| 13 | 🔓 Polkit (CVE-2021-3560) | Exploit Polkit vulnerability to gain root privileges | Read Article |
| 14 | 💣 PwnKit (CVE-2021-4034) | Exploit pkexec vulnerability to escalate privileges | Read Article |
| 15 | 🧨 DirtyPipe (CVE-2022-0847) | Exploit Linux kernel DirtyPipe vulnerability for privilege escalation | Read Article |