August 2018
Intermediate to advanced
404 pages
10h 22m
English
We decided to use the modification of a file that is executed with root privileges at startup as our way of gaining administrative access. There are other options that may not require the attacker to wait for the server to be restarted, although altering startup scripts may be a way to retain persistent access, especially if such alterations are done in obscure functions within the scripts that are rarely looked into by administrators and developers.
Other common aspects to look for when trying to escalate privileges in Unix-based systems are the following:
Read now
Unlock full access