71

GitHub - Ignitetechnologies/Privilege-Escalation: This cheasheet is aimed at the...

 6 years ago
source link: https://github.com/Ignitetechnologies/Privilege-Escalation
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
neoserver,ios ssh client

README.md

Privilege Escalation Cheatsheet (Vulnhub)

This cheasheet is aimed at the CTF Players and Beginners to help them understand the fundamentals of Privilege Escalation with examples. It is not a cheatsheet for Enumeration using Linux Commands. Privilege escalation is all about proper enumeration. There are multiple ways to perform the same tasks. We have performed and compiled this list on our experience. Please share this with your connections and direct queries and feedback to Pavandeep Singh.

cheatsheet

Table of Contents

Abusing Sudo Rights

  1. Holynix: v1
  2. DE-ICE:S1.120
  3. 21 LTR: Scene1
  4. Kioptrix : Level 1.2
  5. Skytower
  6. Fristileaks
  7. Breach 2.1
  8. Zico 2
  9. RickdiculouslyEasy
  10. Dina
  11. Depth
  12. The Ether: Evil Science
  13. Basic penetration
  14. DerpNStink
  15. W1R3S.inc
  16. Bob:1.0.1
  17. The blackmarket
  18. Violator
  19. Basic Pentesting : 2
  20. Temple of Doom
  21. Wakanda : 1
  22. Matrix : 1
  23. KFIOFan : 1
  24. W34n3ss 1
  25. Replay : 1
  26. Unknowndevice64 : 1
  27. Web Developer : 1
  28. SP ike
  29. DC-2
  30. DC6
  31. Born2Root2
  32. DC-4
  33. Development
  34. Sputnik 1
  35. PumpkinRaising
  36. Matrix-3
  37. symfonos : 2
  38. Digitalworld.local : JOY
  39. PumpkinFestival
  40. Sunset
  41. Symfonos:3
  42. Ted:1
  43. CLAMP 1.0.1
  44. Torment
  45. WestWild: 1.1
  46. Broken: Gallery

SUID Bit

  1. Tr0ll 1
  2. Mr. Robot
  3. Covfefe
  4. Toppo:1
  5. /dev/random : K2
  6. FourAndSix : 2
  7. DC-1
  8. HackinOS : 1
  9. digitalworld.local - BRAVERY
  10. Happycorp : 1
  11. MinU: v2
  12. hackme1
  13. dpwwn:2
  14. Kevgir

Kernel Exploit

  1. LAMPSecurity: CTF 5
  2. pWnOS -1.0
  3. Hackademic-RTB1
  4. Kioptrix : Level 1.1
  5. Kioprtix: 5
  6. SecOS: 1
  7. Droopy
  8. Stapler
  9. Sidney
  10. Simple
  11. VulnOS: 2.0
  12. Lord of the Root
  13. Acid Reloaded
  14. Pluck
  15. Fartknocker
  16. Nightmare
  17. Super Mario
  18. BTRSys:dv 2.1
  19. Trollcave
  20. Golden Eye:1
  21. Lampiao : 1
  22. WinterMute : 1
  23. ch4inrulz : 1.0.1
  24. Typhoon : 1.02
  25. DC-3
  26. DC-5
  27. GrimTheRipper:1

Path Variable

  1. PwnLab
  2. Nullbyte
  3. USV
  4. The Gemini inc
  5. Silky-CTF: 0x01
  6. symfonos : 1
  7. Beast 2
  8. Zeus:1

Enumeration

  1. The Library:1
  2. The Library:2
  3. LAMPSecurity: CTF 4
  4. LAMPSecurity: CTF 7
  5. LAMPSecurity: CTF 8
  6. Xerxes: 1
  7. pWnOS -2.0
  8. DE-ICE:S1.130
  9. DE-ICE:S1.140
  10. Hackademic-RTB2
  11. SickOS 1.1
  12. Tommyboy
  13. Minotaur
  14. VulnOS: 1
  15. Spyder Sec
  16. Acid
  17. Necromancer
  18. Freshly
  19. Fortress
  20. Billu : B0x
  21. Defence Space
  22. Moria 1.1
  23. Analougepond
  24. Lazysysadmin
  25. Bulldog
  26. BTRSys 1
  27. G0rmint
  28. Blacklight : 1
  29. RootThis : 1
  30. Cyberry:1

MySQL

  1. Kioptrix : Level 1.3
  2. Raven
  3. Raven : 2

Crontab

  1. Billy Madison
  2. Born2root
  3. BSides Vancuver: 2018
  4. Jarbas : 1
  5. SP:Jerome

Wildcard Injection

  1. Milnet
  2. Pipe

Capabilities

  1. Kuya : 1
  2. DomDom: 1

Apache2.conf Writable

  1. Torment

Writable etc/passwd file

  1. Hackday Albania
  2. Billu Box 2
  3. Bulldog 2

Writable files or script as root

  1. Skydog
  2. Breach 1.0
  3. Bot Challenge: Dexter
  4. Fowsniff : 1
  5. Mercy
  6. Casino Royale
  7. SP eric
  8. PumpkinGarden
  9. dpwwn: 1
  10. Tr0ll: 3
  11. Nezuko:1

Buffer Overflow

  1. Tr0ll 2
  2. IMF
  3. BSides London 2017
  4. PinkyPalace
  5. ROP Primer
  6. CTF KFIOFAN:2

Docker

  1. Donkey Docker
  2. Game of Thrones

report

Recommend

About Joyk


Aggregate valuable and interesting links.
Joyk means Joy of geeK