Privilege escalation on Linux
In this section, we'll see how we can exploit a vulnerability in a Linux system and then escalate our privileges. We'll be using Metasploitable 2 as our target.
Before we can even think of privilege escalation, we must have at least normal-level access to the target system. In this case, our target system's IP address is 192.168.25.129
. We start by initiating SPARTA in order to gather some quick information about our target. We add the target IP in the scope of the SPARTA scan, as shown in the following screenshot:
Once the SPARTA scan is complete, we get to know what services are running on our target system. Now we find out that the target system is running one service, distccd
(as shown in the following screenshot), that is a distributed computing application used for source-code compilation:
Now that we know the service to be exploited, we'll open up the Metasploit console to look for any exploits related to distcc
:
We get an exploit named distcc_exec
readily...