Linux Privilege Escalation (Part 5.2)
Linux Privileges Every file in a Linux system must comply with user and group permissions according to the fundamental capabilities of read, write, and execute. Most of the resources, including directories, files, devices, and network connections that represented in the file system is one of the distinguishing characteristics of Linux and its UNIX variants. Insecure File Permissions The pen tester should find an executable file that provide him right access and elevated privileges to take advantage of unsafe file permissions. Linux passwords are generally stored in /etc/shadow file, which is inaccessible to unprivileged users, unless a centralized credential system like Active Directory or LDAP is utilized. However, in the past, the password hashes and other account details were kept in publicly accessible file /etc/passwd. so, if he has access to the /etc/passwd file then, he can set any account's password to whatever he choose. Environmental Variable Variables that are unique