.png)
1 day ago
5 BOOK THIS SPACE FOR AD
ARTICLE AD
This article is based on privilege escalation. In this article I’LL give you a technique that helps to gain root access on the machine. OR you can easily perform unauthorize actions.
I am not starting this technique with just putting random code without logic. We’ll learn it from basics to advance that helps to understand why and how this vulnerability occur.
Hi my dear fellows, Mr Horbio this side. Today’s topic is how to escalate privilege in Linux machine. Firstly we clear our fundamental about PATH and then learn about PATH HIJACKING .
Introduction
Privilege escalation is a cybersecurity technique where an attacker , after getting foothold on the system , exploit vulnerability to gain root or Admin level.
What is PATH?
When we launch any program in the shell , we typically just write the name of the program. ex : if i want to list out all the files in a current directory then we use ‘ls’ command. i.e. a program.
Do you think how it’s work? , I think no!
Do you think, How does the shell process know which command to executed?
Remember that in modern OS , resources are located in specified path of a file system. Even binaries , which are the programs we use to do various activities. This means that before executing the command , the shell needs to resolve its full path. It means it needs to know where is the program in the file system. Now here the concept of PATH comes here.
when we execute the PATH ,
$ echo $PATH/cocalc/bin:/cocalc/src/smc-project/bin:/home/user/bin:/home/user/.local/bin:/ext/bin/nosudo:/ext/bin/nonet:/ext/bin:/usr/lib/xpra:/opt/ghc/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/ext/data/homer/bin:/ext/data/weblogo:/usr/lib/postgresql/15/binyou see the PATH like above. This Path is shows different in every machines.
Notice here that “echo” is the command that used to print stuff to the console and $PATH is the name of the environment variable which contain the PATH.
Bengali (Bangladesh) · 
English (United States) ·