Merge pull request #31 from wireghoul/master

More linux command documentation
2025-10-29 16:56:59 +00:00 · 2013-12-08 16:23:48 -08:00 · 2013-12-08 16:23:48 -08:00 · 3d042da838
commit 3d042da838
parent 2af0befd01 153592fac4
2 changed files with 51 additions and 2 deletions
--- a/linux/find_files.md
+++ b/linux/find_files.md
@ -14,6 +14,7 @@ $(document).ready(function() {
 Commands that finds files on the file system are usually executed from within a shell (sh/bash) or through a forking function such as system() or exec().

 ## ls
+
 ### Attributes showing
 * **Command with arguments**: `ls -l [directory or filename]`
 * **Description**: Displays attributes of files and directories in the specified location
@ -51,6 +52,7 @@ Commands that finds files on the file system are usually executed from within a
 ----

 ## find
+
 ### Search by name
 * **Command with arguments**: `find /etc -name "issue*"`
 * **Description**: Locates files matching the name (wildcards supported)
@ -61,9 +63,44 @@ Commands that finds files on the file system are usually executed from within a
    /etc/issue.dpkg-dist
    </code></div>

+### Search by permissions
+ * **Command with arguments**: `find / -perm 777`
+ * **Description**: Locates files matching the permissions
+ * **Output**:
+ * <div class="slide" style="cursor: pointer;"> **Ubuntu:** Show/Hide</div><div class="view"><code>root@localhost:~/ find / -perm 777
+    /initrd.img
+    /pentest/exploits/isr-evilgrade/include/sunjava/JavaPayload/FunnyClass2.jar
+    /pentest/exploits/isr-evilgrade/agent/java/javaws.exe
+    /pentest/exploits/isr-evilgrade/trash
+    /pentest/passwords/hashcat-gui/hashcat
+    /pentest/passwords/hashcat-gui/oclHashcat-plus
+    /pentest/passwords/hashcat-gui/oclHashcat-lite
+    /pentest/passwords/john/undrop
+    --snip--
+    </code></div>
+
+### Search by username
+ * **Command with arguments**: `find / -user root`
+ * **Description**: Locates files owned by the user "root"
+ * **Output**:
+  * <div class="slide" style="cursor: pointer;"> **Ubuntu:** Show/Hide</div><div class="view"><code>root@localhost:~/ find / -user root
+    /
+    /initrd.img
+    /pentest
+    /pentest/sniffers
+    /pentest/sniffers/dnschef
+    /pentest/sniffers/dnschef/dnschef.exe
+    /pentest/sniffers/dnschef/dnschef.ini
+    /pentest/sniffers/dnschef/dnslib
+    /pentest/sniffers/dnschef/dnslib/dns.py
+    /pentest/sniffers/dnschef/dnslib/__init__.py
+    --snip--
+    </code></div>
+
 ----

 ## locate
+
 * **Command with arguments**: `locate ifconfig`
 * **Description**: Look files up in the location database
 * **Output**:
--- a/linux/privesc.md
+++ b/linux/privesc.md
@ -1,3 +1,15 @@
-# Place Holder
+# Sudo
+Don't forget to check sudo to see if you can execute any commands with any privilege besides your user level
+**Show which commands sudo allows you to run**
+`sudo -l`

-Content coming. Feel free to submit ;-)
+# Find
+The following commands are helpful when looking to exploit local applications for privilege escalation
+**Finding world writeable directories**
+`find / -perm 777`
+
+**Find setuid files**
+`find / -perm +4000 -type f`
+
+**Find root setuid files**
+`find / -perm +4000 -uid 0 -type f`