Linux Privilege Escalation - Tradecraft Security Weekly #22

Рет қаралды 47,363

Күн бұрын

Пікірлер: 39

@Queennyla16 5 жыл бұрын

I am a 3rd yr pentester (9 years in IT) in the federal sector and i must say that was the most no bullshit explanation of privesc that i have ever seen. Please continue making videos the way you do (straight to the point)..also you have a new subscriber!

@Xianion 5 жыл бұрын

This is an extremely helpful video! You helped me escape a restricted shell in HTB!

@fsacer 7 жыл бұрын

note that also newer versions of nmap can be exploited (if set as SUID) by including your own script

@TopCaliber0 7 жыл бұрын

Good tip, thanks!

@isaargentina4495 4 жыл бұрын

Wonderfull! I learnt a lot, while Im trying to recover sudo proviledge in a Oracle instance

@majidshahmiri7860 6 жыл бұрын

Liked the video very much, nicely explained, best part is quality of video and audio and the vocal of speaker.. 5 out of 5

@dombg6313 4 жыл бұрын

Thanks for the video. Just a little heads up: The command to list other super users will always return "root" since all it does is checking for $3 to be 0 and then print out that line. $3 is the entry for the user id and uid = 0 is always root.

@nullogs4468 4 жыл бұрын

That was fun and good to learn. Im at the very beginning of my pentesting journey about to start Linux+ in class.

@SamOween 3 жыл бұрын

Where are you 10 months later? What advice would you give to yourself 10 months ago?

@iadesanya 6 жыл бұрын

Great episode Beau!

@ahnospell44 7 жыл бұрын

Thank you man, great Episode!

@ByteMasterPro 6 жыл бұрын

Thank you! This is excellent!

@andreys1071 4 жыл бұрын

Neat channel, thank you!

@GianLello 4 жыл бұрын

How can i install an older version of nmap correctly? I have huge roblems on doing it

@emelbasayar5809 5 жыл бұрын

This video is very usefull thanks . Privelege escalation is extremely hard. Do you have any suggestion more? Or do you upload a lot video about priv escalation :) Thanks

@blcksmith 5 жыл бұрын

u deserve a really cold beer man ;)

@emre-yaman 3 жыл бұрын

sudo -l only shows /usr/bin/php and couldnt find my way around :/ could you spare any tips about the situation

@浮尘-o4u 4 жыл бұрын

Very nice 👍

@Ninja5433 4 жыл бұрын

I'm so mad i had to come here for this.......... but thank you for the education lol

@k3nundrum 4 жыл бұрын

Still an awesome video man.... BTBAM FTW!

@hdphoenix29 5 жыл бұрын

i find it the most usefull tutorial on youtube Thanks a lot !!!

@aabid3677 4 жыл бұрын

Very informative ❤️

@memedaddyz 4 жыл бұрын

Thank you!

@Nagle11234 5 жыл бұрын

i chmod my nmap to get it suid, but when i use the !sh command it dosent give me root :( any idea what im doing wrong?

@j.6230 5 жыл бұрын

Is there any easy way to determine what SUID files can be exploited, I know a couple from off the top of my head like nmap. But how do you determine if other SUID binaries except nmap/vi/vim etc. can be exploited that way?

@nylarnameless1759 5 жыл бұрын

I use linuxprivchecker you can GitHub it. It's a simple python script that you can deliver a number of ways. Once it's on a target system running it gives you just about all the information you could ever dream of.

@Robertlavigne1 5 жыл бұрын

Thanks! This video got me my 2nd root on HackTheBox! I'm sure I'll come back to this video a few times moving forward as there are lots of great tips in there!

@glowiever 2 жыл бұрын

I can't seem to hack a cloud vps, they removed almost all non essential binaries. even the sudo lol.

@calmeidazim 7 жыл бұрын

You rock :) thank you, learn a lot

@macobadmintoncambodia8118 5 жыл бұрын

Good job

@shikharjoshi267 7 жыл бұрын

awesome

@Rafael-kr8xb 6 жыл бұрын

noice video !

@Rafael-kr8xb 6 жыл бұрын

more videos like this !

@mdfrslivinglife3959 Жыл бұрын

Very basic knowledge about privilege escalation

@ghareebelsony5634 6 жыл бұрын

wtf are u a hacking god or something?? it will take me about a hundred year just to think this way -_-! i will just go for sales or marketing, security doesn't suit me anyway :D

@nicolasdiaz3544 5 жыл бұрын

not work nmap --interactive

@hamzagondal8217 5 жыл бұрын

The version of NMap you are targeting might not have the interactive feature available.

@nicolasdiaz3544 5 жыл бұрын

@@hamzagondal8217 in the last version?

@hamzagondal8217 5 жыл бұрын

@@nicolasdiaz3544 You can check which version of NMap you are targeting. Once you do, you can google if that version has the interactive feature enabled. I'm gonna say it may not as it was disabled a while ago from NMap however, it may exist on a system running older linux version.