PriveEsc Checklist
System Information
Kernal information
uname -aOperating System Information
cat /etc/issue
cat /etc/*-releaseview $PATH
echo $PATH | tr ":" "\n"Network Information
View IP configuration information
ifconifg -aPrint current network routes
route -nCheck DNS resolver
cat /etc/resolv.confView ARP table
List all active TCP and UDP connections
Dump clear text PSK keys from the Network manager.
User Information
Current user
Last logged on
Currently logged on user
All users with UID and GUID Information
List all root accounts
Running Processes
List running processes
Processes running as root
Processes running as current user
File and Folder permissions
Can we read Shadow?
Find Sticky bit
Find SUID
Find SGID
World Writeable files
List configuration files in /etc/
Grep for interesting keywords in configuration files
Can we list the contents of root/?
Can we read other users history files?
Cronjobs and scheduled tasks
Check for tasks that are run as root and are world writeable.
Metasploit modules
Post exploit enumeration
Last updated