A Note On Config Files

Configuration files hold the settings for the various processes and programs running on a Linux system, and they are generally stored under /etc. Because they can hold all sorts of information for those programs, they are an extremely broad topic to discuss in terms of privilege escalation. The main idea is, if you have write access to a file, try to find some way to abuse it so it runs commands as an elevated user. To identify configuration files that you have write access to, you can run this command:

find / -perm -o+w -type f 2>/dev/null | grep -Ev '^/(sys|proc)/'

After running the command above, you will want to focus your attention on files located in /etc. There are hundreds of possibilities for abusing misconfigured configuration files, and there is no single path to elevating your privileges, so you will have to get creative here. Your best friend will be Google.
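The same check from the administrator's side, as an added example that is not part of the original post: it lists world-writable files and directories under a config tree with their mode and owner, then removes the other-write bit from the regular files. The function names are hypothetical, and including directories goes one step beyond the command above, since a world-writable directory lets its entries be replaced.

```bash
#!/bin/sh
# Added example (not from the original post): audit a config tree for
# world-writable entries and remove the other-write bit from regular files.
# Function names are hypothetical. Usage: list_world_writable /etc

# list_world_writable [DIR]
# Prints an `ls -ld` line (mode, owner, group, path) for every regular file
# or directory under DIR that "other" may write to. Symlinks are not matched,
# since their own mode bits do not control access. -xdev keeps the walk on
# one filesystem, so starting from /etc it never wanders into other mounts.
list_world_writable() {
    find "${1:-/etc}" -xdev \( -type f -o -type d \) -perm -o+w \
        -exec ls -ld -- {} + 2>/dev/null
}

# count_world_writable [DIR]
# Prints the number of findings, suitable for a monitoring check that
# should always report 0 on a healthy system.
count_world_writable() {
    list_world_writable "$1" | wc -l | tr -d ' '
}

# harden_world_writable [DIR]
# Prints each world-writable regular file and strips its other-write bit.
# Directories are only reported by list_world_writable, not changed here,
# so an administrator can review them before touching them.
harden_world_writable() {
    find "${1:-/etc}" -xdev -type f -perm -o+w -print -exec chmod o-w -- {} +
}
```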

I am a Security Consultant and formerly worked at PayPal as a Penetration Tester. At night I teach Cyber Security at UTexas. OSCP
