⬆️Privilege Escalation
SUID, SGID and Capabilities
Commands to view SUID binaries:
find / -type f -perm -4000 -ls 2>/dev/nullCommands to view SGID binaries:
find / -type f -perm -g+s 2>/dev/nullCommands to view capabilities:
getcap -r / 2>/dev/null/usr/sbin/getcap -r / 2>/dev/nullRunning processes
Display a complete and extended list of all running processes on the system:
ps -fauxShow a list of listening TCP sockets on the system, including the IP address and listening port number, as well as the associated program (process) waiting for connections on each socket:
ss -nltpTasks that run at specified intervals:
cat /etc/crontabUtilities
Check for directories or files where we have write permissions:
find / -writable | grep -v -E "proc|dev"Last updated