I am a 3rd yr pentester (9 years in IT) in the federal sector and i must say that was the most no bullshit explanation of privesc that i have ever seen. Please continue making videos the way you do (straight to the point)..also you have a new subscriber!
Thanks for the video. Just a little heads up: The command to list other super users will always return "root" since all it does is checking for $3 to be 0 and then print out that line. $3 is the entry for the user id and uid = 0 is always root.
This video is very usefull thanks . Privelege escalation is extremely hard. Do you have any suggestion more? Or do you upload a lot video about priv escalation :) Thanks
Is there any easy way to determine what SUID files can be exploited, I know a couple from off the top of my head like nmap. But how do you determine if other SUID binaries except nmap/vi/vim etc. can be exploited that way?
I use linuxprivchecker you can GitHub it. It's a simple python script that you can deliver a number of ways. Once it's on a target system running it gives you just about all the information you could ever dream of.
Thanks! This video got me my 2nd root on HackTheBox! I'm sure I'll come back to this video a few times moving forward as there are lots of great tips in there!
@@nicolasdiaz3544 You can check which version of NMap you are targeting. Once you do, you can google if that version has the interactive feature enabled. I'm gonna say it may not as it was disabled a while ago from NMap however, it may exist on a system running older linux version.
wtf are u a hacking god or something?? it will take me about a hundred year just to think this way -_-! i will just go for sales or marketing, security doesn't suit me anyway :D
I am a 3rd yr pentester (9 years in IT) in the federal sector and i must say that was the most no bullshit explanation of privesc that i have ever seen. Please continue making videos the way you do (straight to the point)..also you have a new subscriber!
This is an extremely helpful video! You helped me escape a restricted shell in HTB!
Great episode Beau!
note that also newer versions of nmap can be exploited (if set as SUID) by including your own script
Good tip, thanks!
Wonderfull! I learnt a lot, while Im trying to recover sudo proviledge in a Oracle instance
Thank you man, great Episode!
Thank you! This is excellent!
Thanks for the video. Just a little heads up:
The command to list other super users will always return "root" since all it does is checking for $3 to be 0 and then print out that line. $3 is the entry for the user id and uid = 0 is always root.
Neat channel, thank you!
That was fun and good to learn. Im at the very beginning of my pentesting journey about to start Linux+ in class.
Where are you 10 months later? What advice would you give to yourself 10 months ago?
Liked the video very much, nicely explained, best part is quality of video and audio and the vocal of speaker.. 5 out of 5
Very nice 👍
Very informative ❤️
sudo -l only shows /usr/bin/php and couldnt find my way around :/ could you spare any tips about the situation
u deserve a really cold beer man ;)
You rock :) thank you, learn a lot
Thank you!
How can i install an older version of nmap correctly? I have huge roblems on doing it
This video is very usefull thanks . Privelege escalation is extremely hard. Do you have any suggestion more? Or do you upload a lot video about priv escalation :) Thanks
i find it the most usefull tutorial on youtube
Thanks a lot !!!
Still an awesome video man.... BTBAM FTW!
Is there any easy way to determine what SUID files can be exploited, I know a couple from off the top of my head like nmap. But how do you determine if other SUID binaries except nmap/vi/vim etc. can be exploited that way?
I use linuxprivchecker you can GitHub it. It's a simple python script that you can deliver a number of ways. Once it's on a target system running it gives you just about all the information you could ever dream of.
i chmod my nmap to get it suid, but when i use the !sh command it dosent give me root :( any idea what im doing wrong?
Good job
I'm so mad i had to come here for this..........
but thank you for the education lol
awesome
I can't seem to hack a cloud vps, they removed almost all non essential binaries. even the sudo lol.
noice video !
more videos like this !
Thanks! This video got me my 2nd root on HackTheBox! I'm sure I'll come back to this video a few times moving forward as there are lots of great tips in there!
not work nmap --interactive
The version of NMap you are targeting might not have the interactive feature available.
@@hamzagondal8217 in the last version?
@@nicolasdiaz3544 You can check which version of NMap you are targeting. Once you do, you can google if that version has the interactive feature enabled. I'm gonna say it may not as it was disabled a while ago from NMap however, it may exist on a system running older linux version.
Very basic knowledge about privilege escalation
wtf are u a hacking god or something?? it will take me about a hundred year just to think this way -_-! i will just go for sales or marketing, security doesn't suit me anyway :D