Shells and Privilege Escalation - Shell 和特权提升

TryHackMe | Shells and Privilege Escalation

一旦你在一台机器上获得了初始访问权限，要学会如何提升你的账户特权至 root 级别。

Once you have initial access on a machine, learn how to escalate your account privileges to root.

在系统中具有有限的用户访问权限并不能提供你完全利用其的必要特权。特权升级是任何安全任务中至关重要的一部分。本模块将提供你必要的技能，用于枚举和识别系统可能存在的漏洞。你将亲自动手，通过利用各种机器上的漏洞和配置错误，比如内核漏洞、易受攻击的服务和权限问题等，来获取系统级别的访问权限。

Having limited user access on a system won't give you the necessary privileges you need to fully exploit it. Privilege escalation is an essential part of any security engagement. This module will give you the necessary skills to enumerate and identify how a system can be made vulnerable. You'll get hands on by fully exploiting a variety of machines, through various vulnerabilities and misconfigurations; kernel exploits, vulnerable services and permission issues are a few of the techniques you'll use to gain system level access.

What the Shell? - 什么是 Shell

针对目标机器进行利用时，发送和接收（反向 / 绑定）shell 的简介。

An introduction to sending and receiving (reverse/bind) shells when exploiting target machines.

Common Linux Privesc - 常见的 Linux 特权提升方式

一个解释常见的 Linux 特权提升方式的教程。

A room explaining common Linux privilege escalation

Linux PrivEsc - Linux 特权提升

在一个特意配置错误的 Debian 虚拟机上练习你的 Linux 特权提升技能，有多种方式可以获取 root 权限！SSH 可用。凭证：user:password321

Practice your Linux Privilege Escalation skills on an intentionally misconfigured Debian VM with multiple ways to get root! SSH is available. Credentials: user:password321