OSCP Privilege Escalation MindMap/Guide
Connect with me:
The MindMaps comes in different formats and there are located in the MindMaps folder
Supported Formats:
- png
- svg
- docx
- md
- xlsx
- opml
Credential Harvesting {Passwords/Keys}
- SSH keys
- Reused Passwords
- Credentials from Bash History / Bash History Files
- Credentials From Configuration Files
- Credentials From Local Databases
Automated Tools
- LinPEAS
- LinEnum
Exploits
- Kernel Version
- Binary File Versions
- Services Running On Local Host
Automated Tools
- Linux Exploit Suggester
Misconfigurations
- Sudo Access (Sudo -l)
- Abusing Intended Binary Functionality
- SUID / SGID Executables
Weak File Permissions on Sensitive Files
{WRITABLE}
- /etc/passwd
- /etc/shadow
- /etc/sudoers
- Configuration Files
Weak File Permissions on Sensitive Files
{READABLE}
- /etc/shadow
- /root/.ssh/id_rsa {SSH Private Keys}
Writable PATH
- Root $PATH Env Variable Writable
- Directory in $PATH Writable
Cron Jobs
- Writable Cron Jobs
- Writable Cron Jon Dependency File
{Python File etc}
Environment Variables
- LD_PRELOAD set in /etc/sudoers