Linux OS basics
everything is a file
permissions of a file:
owner
owner group
others
File permissions
r: reading content
w: changing content
x: running content
Directory permissions
r: list content of directory
w: create and delete files
x: cd into the directory
x but not r
-> user can go into the directory but cannot list files
-> user might read files if he knows the exact name
setuid/setgid
allows the currently logged-in user to run the file as its owner (setuid) or group owner (setgid)
/etc/passwd
system service users with “nologin”
<name>:<passwd>:<uid>:<gid>:<comment>:<home>:<shell>
password is usually “x” -> means it is stored in /etc/shadow
if we can write into /etc/passwd:
overwrite the passwd field in /etc/passwd, because it takes precedence over /etc/shadow
Capabilities
Extra attributes that can be assigned to processes, binaries and services to grant specific privileges
e.g. cap_setuid
AppArmor
default on Debian 10
might block priv esc
check syslog for apparmor="DENIED"
Kernel exploits
depend on:
kernel version
OS