Linux Privilege Escalation

Familiarize yourself with beginner-to-advanced privilege escalation techniques on Linux.
Write your awesome label here.
Starts: 30 June 2021  Duration: 4 weeks
Recordings of live sessions included!

What You'll Learn

The focus of this bootcamp is to familiarize you with beginner-to-advanced privilege escalation techniques on Linux. You will learn how to identify and leverage misconfigurations to perform horizontal/vertical escalation. The bootcamp will cover techniques starting from traditional privilege escalation methodologies to advanced concepts such as Linux capabilities.

Completing the bootcamp and passing the certification exam will prepare you for performing privilege escalation effectively on Linux-based machines.
  • 4 Live Sessions

  • 2.5 hrs per session

  • Over 50 Lab Exercises

  • 1 PALPE Attempt

  • Recordings of Live Sessions

Build Your Cybersecurity Credentials

  • Become a Pentester Academy Linux Privilege Escalation Expert (PALPE)

Our certification proves your expertise in performing privilege escalation effectively on Linux-based machines.
  • Bootcamp Completion Certificate

Attendees will also get a course completion certificate after attending all 4 live sessions.

Live Session Schedule

Weekly 2.5 hr sessions start at 12:00pm ET and end at 2:30pm ET.
30 June 2021
07 July 2021
14 July 2021
21 July 2021
Basic Privilege Escalation Techniques Part I
Basic Privilege Escalation Techniques Part II
Breaking out of Restricted Environments
Linux Capabilities

Prerequisites

1. A basic knowledge of computers and networking
2. Familiarity with the Linux operating system

Bootcamp Syllabus

Module I: Basic Privilege Escalation Techniques Part I

  • Linux Concepts
  • Linux Users and Groups
  • Linux File Permissions
  • Interactive programs
  • Text Editor
  • Terminal based Browsers
  • Popular Linux Utilities
  • Cron Job
  • Crontab File formats
  • User vs System crontab
  • Shared Libraries
  • Understanding the Load Order
  • Creating a shared library
  • Misconfigured SUID
  • Misconfigured SUDO
  • Misconfigured File Permissions

Module II: Basic Privilege Escalation Techniques Part II

  • Leveraging Cron Jobs
  • Unix Wildcards gone wild
  • World writable scripts
  • World readable cron error messages
  • Symlinks and PATH-based misconfigurations
  • Vulnerable Application and Services
  • Web to Root
  • App to Root
  • Shared Library Injection

Module III: Breaking out of Restricted Environments

  • Restricted Shells
  • Chroot Jail
  • Docker Environment
  • Privileged Containers
  • Mounted Docker Socket
  • Shared Network Namespace
  • Additional Capabilities
  • Leveraging Management Tools
  • Best Practices

Module IV: Linux Capabilities

  • Introduction to Linux Capabilities
  • History
  • Process and file capabilities
  • Linux Capabilities Sets
  • Identifying capabilities provided to binaries and running process
  • Managing capabilities
  • Abusing Linux Capabilities
  • CAP_DAC_READ_SEARCH
  • CAP_SYS_MODULE
  • CAP_SYS_ADMIN
  • CAP_SYS_PTRACE
Meet the instructor

Jeswin Mathai

He has published his work at DEFCON China, RootCon, Blackhat Arsenal, and Demo labs (DEFCON). He has also been a co-trainer in classroom trainings conducted at HITB, RootCon, OWASP NZ Day. He has a Bachelor degree from IIIT Bhubaneswar. He was the team lead at InfoSec Society IIIT Bhubaneswar in association with CDAC and ISEA, which performed security auditing of government portals, conducted awareness workshops for government institutions. His area of interest includes Malware Analysis and Reverse Engineering, Cryptography, WiFi security, and Web Application Security.
Jeswin Mathai - Instructor

Can't attend this bootcamp? Get informed about future bootcamps!

Thank you!
Thank you!