// notes/ PrivEsc — Linux
🐧

Passwords And File Permissions Passwords

Notes from oscp.adot8.com — linux privilege escalation.

#linux privilege escalation#adot8
source · oscp.adot8.com · linux-privilege-escalation/passwords-and-file-permissions_passwords

Passwords

Check the history first

code
01history
02cat .bash_history

Check for passwords

{% embed url="https://swisskyrepo.github.io/InternalAllTheThings/redteam/escalation/linux-privilege-escalation/#looting-for-passwords" %}

<pre><code><strong>grep --color=auto -rnw '/' -ie "PASSWORD" --color=always 2> /dev/nullf </strong><strong>find . -type f -exec grep -i -I "PASSWORD" {} /dev/null \; </strong></code></pre>

{% hint style="info" %} Run linPEAS if nothing shows up manually {% endhint %}

Right in front of us

Sometimes the path is right in front of us like a file right in the home directory. Especially in a CTF situation, enumeration on very piece of information given will lead to success... AVOID RABBIT HOLES.

<figure><img src="/files/txSnWFMOgq3CxCIMxc0H" alt=""><figcaption></figcaption></figure>