
linux privilege escalation commands
By
D4rkn3S, in Pentesting
-
Similar Content
-
By itsMe
Hidden Content
Give reaction to this post to see the hidden content. What you'll learn
How to use multiple methods to escalate privleges on modern versions of Windows 10
How to escalate privleges in CTFs such as HackTheBox, TryHackMe and more
How to succeed in CTF style exams such as the OSCP, eCPPT and CEH
How to level up your ethical hacking, penetration testing and red teaming skills to earn more money in your career
Requirements
A HackTheBox VIP Subscription is Required
Basic knowledge of virtual machines
Description
New Launch for Spring 2021!
This is a 100% hands on course as you will be using the same tradecraft and techniques Red Teamer's and advanced adversaries use to escalate privileges on Windows endpoints after they have gained initial access and established a foothold. This course is not "death by PowerPoint", in fact there is not a single Powerpoint slide in the course. This course is aimed for intermediate to advanced users who are hungry to know how to discover and exploit novel escalation paths on patched fully patched Windows 10 endpoints. Everything is carefully, explained - step-by-step.
Additionally, although Metasploit is used in some attacks, we will be using less Metasploit and more manual walk-throughs because I wanted to take the time to carefully explain WHY each method works and detail how common misconfigurations happen in enterprise environments.
Where Metasploit is used, everything is carefully explained and deconstructed so you can understand why and how it works. Exploits start easy and escalate in difficulty as you progress through the course.
The Techniques
You will quickly learn and execute the following escalation of privilege techniques across 5 vulnerable machines
Windows Kernel Exploits
Weak Registry Permissions
Token Manipulation
CVE Exploits
DPAPI Abuse (Three New Lectures Just Added January 2021!)
The Tools
You will use msfvenom, BC Security PowerShell Empire, CrackMapExec, netcat, smbserver, wfuzz, gobuster, dirsearch, sqlmap, Mimikatz, Burp Suite (advanced features), Python 3, Powershell 7 on Linux and more. You will learn IIS 10 Server Administration, how to threat hunt for SQLi attacks in web logs and much much more.
My dream for you
By the end of this course you should be able to use these techniques in:
Your day to day work
OSCP preparation
CTF hacking
About the lab
There are 10 vulnerable machines.
No lab setup is required as the entire environment is already established in HackTheBox VIP labs
I wanted to make this course as realistic as possible while removing as many barriers to entry as possible so I've partnered with HackTheBox VIP labs to make it as easy as possible to get started.
Yes, HackTheBox is an additional charge but it offers hundreds of pre-configured vulnerable machines in a lab which is accessible via a VPN connection. This means you can get started right away and don't have to waste time fumbling with VirtualBox and VMWare settings on your local system. Most of the systems are also licensed which provides the best environment for realistic exploitation.
Tip:
I made these videos so all commands are zoomed in close so you can watch on a mobile phone if desired. I hate watching videos on my smartphone and squinting at the command prompt or terminal. Never again will that happen.
Who this course is for:
Students interested in how attackers escalate privileges on modern Windows endpoints
Beginning and Intermediate cyber security students.
Students looking for OCSP practice
Hidden Content
Give reaction to this post to see the hidden content.
Hidden Content
Give reaction to this post to see the hidden content.
-
By itsMe
Hidden Content
Give reaction to this post to see the hidden content. What you'll learn
Ethical hacking and penetration testing skills Windows privilege escalation techniques Common privilege escalation tools and methodology Preparation for capture the flag style exams and events <script>alert('1')</script> Requirements
Prior beginner hacking knowledge preferred Prior virtualization knowledge preferred A subscription to Hack the Box is required to complete the course. A subscription to TryHackMe is strongly recommended to complete the course. Description
This course focuses on Windows Privilege Escalation tactics and techniques designed to help you improve your privilege escalation game. Students should take this course if they are interested in:
Gaining a better understanding of privilege escalation techniques Improving Capture the Flag skillset Preparing for certifications such as the OSCP, eCPPT, CEH, etc. What will I learn?
1) How to enumerate Windows systems manually and with tools
2) A multitude of privilege escalation techniques, including:
Kernel Exploits
Password Hunting
Impersonation Attacks
Registry Attacks
Executable Files
Schedule Tasks
Startup Applications
DLL Hijacking
Service Permissions
Windows Subsystem for Linux
CVE-2019-1388
3) Tons of hands-on experience, including:
13 vulnerable machines total
Capstone challenge
Custom lab with no installation required
PLEASE NOTE
Due to the cost of Windows licensing, this course is designed around Hack The Box and TryHackMe platforms, which are additional charges, but offer an incredible variety of vulnerable machines at a fraction of the cost of one Windows license. I do not receive any financial incentive from either platform for utilizing them in the course.
Who this course is for:
Students interested in ethical hacking and cybersecurity Students interested in improving privilege escalation skillset Hidden Content
Give reaction to this post to see the hidden content.
Hidden Content
Give reaction to this post to see the hidden content. -
By itsMe
Hidden Content
Give reaction to this post to see the hidden content. What you'll learn
Linux Command Line Linux Bash Shell Create and manage new directories and files Getting information about hardware and software of the Linux computer Create new users and change user passwords Searching for files and folders using Find command Compressing and sorting in Linux Files and directories permissions and modification of the permissions Creating and executing executable files Networking in Linux Environment variables access and creation of the new environment variables Access of the remote Linux computer via SS Course content
12 sections • 61 lectures • 5h 41m total length
Requirements
Just basic Computer knowledge Desire to learn core Linux features Get familiar with Linux Shells like Bash and Sh Description
This course is all about Linux and Linux Shell.
Understand HOW Linux works and learn mostly used core Linux features from basic commands till creation of the Linux scripts.
And all features we will use ONLY in Shell, without any GUIs.
If you want to learn how to manage users, manage and search files and directories, set correct permissions, compress and uncompress archives, verify network connectivity and connect to remote servers via SSH - this course is for you.
Become a master of the Linux Shells like Bash or Sh.
This is practical Linux course that includes tons of practical activities. The best way to learn is learn by doing. You can have zero knowledge about Linux. All will be taught from scratch, from basic to advanced features. If you want to get deep practical knowledge of Linux this course is for you!
We will start by installing Docker and creating Linux container. You are right! We will use Docker because using Docker you could create any Linux computer in a matter of seconds on any platform - MacOS, Windows or other Linux computer.
In practice sections you will perform multiple practice Linux activities:
Create new directories and files in the Shell using commands mkdir, touch and cat Manage users using adduser, useradd and passwd commands, login under different users Change permissions of the files and directories using chmod command Create and execute executable scripts from the Shell Compress and uncompress files and directories using gzip and tar utilities Verify network settings and connectivity with remote servers using such commands as ifconfig, nslookup, ping and traceroute Downloading files from the remote servers using curl and wget Connection to remote servers via SSH To summarise, you will learn following core blocks of the Linux systems:
- Linux networking
- Permissions
- Scripting
- Creation and deletion of the files and directories
- Movement and renaming of the files and directories
Who this course is for:
Software developers Network engineers DevOps engineers Hidden Content
Give reaction to this post to see the hidden content.
Hidden Content
Give reaction to this post to see the hidden content.
-