privilege escalation - world-writable directories and files
2024-09-03
Often, privilege escalation exploits and other such malware requires write access to the filesystem in order to store and run the payload.
On Linux and Unix-like systems, several world-writable directories may be present:
…
If a user of the system has set permissions to be readable, writable and executable by anyone on the system using something like `chmod 777 file`, an attacker may over-write the contents of one of these files with their payload and execute it.
Linux Persistence: Modular Software
2025-04-17 DFIR CTF persistence linux persistence apache asterisk
Linux Persistence: Web Shells
2025-04-16 DFIR persistence webshell linux persistence webshell apache nginx PHP
Linux Persistence: Rootkits
2025-04-15 DFIR persistence rootkit LKM linux persistence LKM rootkit LD_PRELOAD kprobe ftrace ld.so hooking
Defanging Linux LKM Rootkits With cleanup_module()
2025-04-05 Linux LKM rootkits EDR hooks incident response Linux LKM rootkit