Linux Privilege Escalation - Introduction (Understanding Linux Permissions)
In this post we cover what Linux Privilege Escalation actually means in the real world, and the basic concepts surrounding the Linux operating system (users, groups, files and directories).
Welcome to the first article in this Linux Privilege Escalation series. This series is intended for those wanting to learn aspects of Penetration Testing or folks who already work in the field.
In this series, we will be aiming to cover the core concepts surrounding Linux privilege escalation. The posts will cover the following concepts.
How Linux handles basic user permissions.
Several ways to escalate your user's privileges.
Various tools to make identifying privilege escalation paths easier.
What exactly is Linux Privilege Escalation?
In reality, all privilege escalations are instances of access control misconfigurations. Understanding how Linux manages permissions is crucial when focusing on privilege escalations.
The end result of privilege escalation in Linux is to obtain a shell that is currently running as the root user. The process of escalating privileges might be straightforward, or it can involve extensive system reconnaissance. Privilege escalation frequently involves more than one misconfiguration on the system, so you may need to think strategically and combine them in order to obtain a root shell.
Permissions in Linux
Permissions in Linux are, at their most basic level, a connection between users, groups, and files and directories. Users can be a part of several groups. Multiple users can be part of a group. The permissions of each file and directory are defined in terms of a user, a group, and "others" (all other users on the system).
What are Users in Linux?
In a Linux operating system, a user is an entity that can access files and carry out a number of other operations. The operating system assigns each user a unique ID.
Some core concepts surrounding Linux Users:
The /etc/passwd file contains configured user accounts.
Hashes of user passwords are kept in the /etc/shadow file.
Users are identified by an integer user ID (UID).
A unique kind of account in Linux is the "root" user account.
The system allows this user, who has a UID of 0, access to every file. (Like an OS God mode)
What are Groups in Linux?
A group is a collection of users in Linux. The primary use of groups is to specify a set of permissions, such as read, write, or execute permission for a certain resource, that can be shared by the group's members.
The /etc/group file is where groups are configured.
Users can have several secondary (or supplementary) groups in addition to their primary group.
By default, a user's primary group shares the same name as their user account.
What are Files & Directories in Linux?
A directory is a file whose sole purpose is to store file names and the information that goes with them. All files, whether ordinary, special, or directories, are contained in directories. Unix organises files and directories using a hierarchical structure. A directory tree is a common name for this structure.
Every file and directory has a single owner as well as a group.
Read, write, and execute operations are used to define permissions.
Three sets of permissions are available: owner, group and other.
Permissions can only be altered by the owner.
File & Folder Permissions.
File permissions are pretty easy to understand; directory permissions, however, are slightly more complicated.
For example.
Read (r):
File - The contents of the file can be read when set.
Folder - The contents of the folder can be read when set.
Write (w):
File - The contents of the file can be modified when set.
Folder - Files and any subsequent subdirectories can be created when set.
Execute (x):
File - The file can be executed when set.
Folder - The directory can be accessed when set. The read and write permissions won't function without this permission.
Viewing permissions in Linux.
The ls command is the go-to command to view the permissions of a specific directory or file.
A leading (-) character denotes a file.
A leading (d) denotes a directory.
The remaining 9 characters represent the 3 sets of permissions (owner xxx, group xxx and others xxx).
Special Permissions in Linux
Special permissions are where things get interesting.
setuid (SUID) bit
When enabled, the file will be executed with the file owner's permissions.
setgid (SGID) bit
When a file has this setting, it will be run with the file group's permissions.
When set on a directory, any files created in that directory will inherit the directory's group.
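The permission string and the special bits described above, decoded in Python as an added example (not code from the original post). The function names, the tags returned by review() and the sample modes are assumptions made up for the illustration; only the file and directory type characters and the SUID/SGID bits covered in this post are rendered.

```python
import os
import stat

# (read, write, execute, special bit, letter shown in the execute slot)
TRIPLETS = (
    (stat.S_IRUSR, stat.S_IWUSR, stat.S_IXUSR, stat.S_ISUID, "s"),  # owner
    (stat.S_IRGRP, stat.S_IWGRP, stat.S_IXGRP, stat.S_ISGID, "s"),  # group
    (stat.S_IROTH, stat.S_IWOTH, stat.S_IXOTH, 0, ""),              # others
)

def mode_string(st_mode):
    """Build the 10-character string: type character plus three rwx sets."""
    out = ["d" if stat.S_ISDIR(st_mode) else "-"]
    for r, w, x, special, letter in TRIPLETS:
        out.append("r" if st_mode & r else "-")
        out.append("w" if st_mode & w else "-")
        if st_mode & special:
            # Lowercase: special bit and execute both set; uppercase: execute missing.
            out.append(letter if st_mode & x else letter.upper())
        else:
            out.append("x" if st_mode & x else "-")
    return "".join(out)

def review(st_mode, owner_uid):
    """Return the properties of a mode that deserve a second look in an audit."""
    notes = []
    if stat.S_ISREG(st_mode) and st_mode & stat.S_ISUID:
        notes.append("suid-root" if owner_uid == 0 else "suid")
    if st_mode & stat.S_ISGID:
        notes.append("sgid-dir" if stat.S_ISDIR(st_mode) else "sgid")
    if st_mode & stat.S_IWOTH:
        notes.append("writable-by-others")
    return notes

def audit(path):
    """Inspect one real path; os.stat follows symlinks, so a link is judged by its target."""
    st = os.stat(path)
    return mode_string(st.st_mode), st.st_uid, st.st_gid, review(st.st_mode, st.st_uid)

if __name__ == "__main__":
    # Constructed sample modes (not taken from a real system): (label, mode, owner UID)
    samples = [
        ("root-owned SUID program", stat.S_IFREG | 0o4755, 0),
        ("SUID without execute", stat.S_IFREG | 0o4644, 1000),
        ("shared SGID directory", stat.S_IFDIR | 0o2775, 1000),
        ("ordinary file", stat.S_IFREG | 0o644, 1000),
    ]
    for label, mode, uid in samples:
        print(f"{mode_string(mode)}  uid={uid:<5} {label}: {review(mode, uid) or 'nothing to flag'}")
```

An uppercase S in the execute slot means the special bit is set but the matching execute bit is not, which usually points to a mistaken chmod.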
That’s it for this post.