Null offensive hacking hands-on training.
Proposed sessions for this event:
- Linux Post Exploitation - Privilege Escalation Techniques by Romansh Yadav
Linux Privilege Escalation Techniques
You can register by clicking on the Register button and Confirming Registration on the next page.Registrations will close on Sep 5th 11:30 PM or when the count reaches 45(whichever happens first). Only the registered participants will be sent a confirmation email with the venue details. This email will be sent by Thursday September 6th 2:00 PM.
Introduction:
This will be a completely hands on session on different methods to escalate privileges from a limited user to root privileges . At the end of this session, the participant will be able identify various ways privileges can be escalated from a limited user to that of a root user using various attack vectors:
The following types of attack techniques will be covered:
- Exploting kernal using ring0(CVE-2009-2692 ) and Dirtycow( CVE-2016-5195 )
- Linux Privilege Escalation Using PATH Variable
- Linux Privilege Escalation using SUID Binaries
- Linux Privilege Escalation using Cronjobs
- Linux Privilege Escalation using SUDO rights.
Please read the following instructions carefully:
As this is an full hands on session, ensure that the system you carry meets the minimum hardware requirements mentioned below.
Download and setup all the software pre-requisites and VM's listed below on the system before attending.
This will enable us to have a smooth, hassle free session.
Hardware Pre-requisites (Mandatory)
- A system capable of running Virtual Box. You can test this by installing Virtual Box and creating a test VM.
- Atleast 8GB of RAM
- Atleast 40 GB of free space
Software Pre-requisites (Mandatory)
- VirtualBox (Any version higher than 5.1). Please install this and come before the session. VMWare will not be supported.
- PuTTY to SSH into the VM. This is for Windows hosts. https://the.earth.li/~sgtatham/putty/latest/w32/putty.exe
Download and setup the following Virtual Machines from Vuln Hub is mandatory before attending the session
- Mr-Robot.https://www.vulnhub.com/entry/mr-robot-1,151
- Stapler:1 https://www.vulnhub.com/entry/stapler-1,150/
- Kioptrix Level 1https://www.vulnhub.com/entry/kioptrix-level-1-1,22/
- Kioptirx Level 2https://www.vulnhub.com/entry/kioptrix-level-11-2,23/
- Kioptirx Level 3 https://www.vulnhub.com/entry/kioptrix-level-12-3,24/
- Kioptirx Level 4 https://www.vulnhub.com/entry/kioptrix-level-13-4,25/
- Kioptirx Level 5 https://www.vulnhub.com/entry/kioptrix-2014-5,62/
- Sick OS 1.2 https://www.vulnhub.com/entry/sickos-12,144/
Date | Saturday September 08 2018 |
---|---|
Chapter | Bangalore |
Registrations | 42 |
Max Registrations | 45 |
Event Type | Invite Only |
Start Time | 09:30 AM |
End Time | 06:00 PM |
Session Schedule
Name | Speaker | Start Time | End Time | Resources |
---|---|---|---|---|
Linux Post Exploitation - Privilege Escalation Techniques | Romansh Yadav | 09:30 AM | 06:00 PM |