# Linux Privilege Escalation

- [Linux Permissions](/ctfnote/red-teaming/privilege-escalation/linux-privilege-escalation/linux-permissions.md): rwx
- [Manual Enumeration](/ctfnote/red-teaming/privilege-escalation/linux-privilege-escalation/manual-enumeration.md): System, user, network, and password
- [Automated Tools](/ctfnote/red-teaming/privilege-escalation/linux-privilege-escalation/automated-tools.md): LinPEAS!
- [Kernel Exploits](/ctfnote/red-teaming/privilege-escalation/linux-privilege-escalation/kernel-exploits.md): Dirty Cow!
- [Passwords and File Permissions](/ctfnote/red-teaming/privilege-escalation/linux-privilege-escalation/passwords.md): Plaintext passwords vs. password hashes
- [SSH Keys](/ctfnote/red-teaming/privilege-escalation/linux-privilege-escalation/ssh-keys.md): id\_rsa, id\_rsa.pub, authorized\_keys
- [Sudo](/ctfnote/red-teaming/privilege-escalation/linux-privilege-escalation/sudo.md): sudo -l
- [SUID](/ctfnote/red-teaming/privilege-escalation/linux-privilege-escalation/suid.md): find / -perm -u=s -type f 2>/dev/null
- [Capabilities](/ctfnote/red-teaming/privilege-escalation/linux-privilege-escalation/capabilities.md): "Better" than SUID but vulnerable in the same way
- [Cron Jobs](/ctfnote/red-teaming/privilege-escalation/linux-privilege-escalation/cron-jobs.md): /etc/crontab
- [NFS Root Squashing](/ctfnote/red-teaming/privilege-escalation/linux-privilege-escalation/nfs-root-squashing.md): no\_root\_sqush
- [Docker](/ctfnote/red-teaming/privilege-escalation/linux-privilege-escalation/docker.md): docker run -v /:/mnt --rm -it bash chroot /mnt sh
- [GNU C Library](/ctfnote/red-teaming/privilege-escalation/linux-privilege-escalation/gnu-c-library.md): ldd --version
- [Exim](/ctfnote/red-teaming/privilege-escalation/linux-privilege-escalation/exim.md): which exim
- [Linux Privilege Escalation Course Capstone](/ctfnote/red-teaming/privilege-escalation/linux-privilege-escalation/linux-privilege-escalation-course-capstone.md): Five boxes from TryHackMe