// notes/ PrivEsc — Linux
🐧
Passwords And File Permissions Passwords
Notes from oscp.adot8.com — linux privilege escalation.
#linux privilege escalation#adot8
source · oscp.adot8.com · linux-privilege-escalation/passwords-and-file-permissions_passwords ↗Passwords
Check the history first
code
01history02cat .bash_historyCheck for passwords
{% embed url="https://swisskyrepo.github.io/InternalAllTheThings/redteam/escalation/linux-privilege-escalation/#looting-for-passwords" %}
<pre><code><strong>grep --color=auto -rnw '/' -ie "PASSWORD" --color=always 2> /dev/nullf </strong><strong>find . -type f -exec grep -i -I "PASSWORD" {} /dev/null \; </strong></code></pre>{% hint style="info" %} Run linPEAS if nothing shows up manually {% endhint %}
Right in front of us
Sometimes the path is right in front of us like a file right in the home directory. Especially in a CTF situation, enumeration on very piece of information given will lead to success... AVOID RABBIT HOLES.
<figure><img src="/files/txSnWFMOgq3CxCIMxc0H" alt=""><figcaption></figcaption></figure>