In this section, you will explore the use of linPEAS, a powerful script designed for local enumeration on Unix-based systems. linPEAS (Linux Privilege Escalation Awesome Script) is part of the Privilege Escalation Awesome Scripts (PEAS) suite and is specifically tailored to automate the process of identifying potential vectors for privilege escalation. By running linPEAS on a compromised system, you can efficiently gather comprehensive information about system configurations, installed software, running processes, and known vulnerabilities.
In order to run linpeas.sh, we must grant execute permissions to the file with the following:
chmod +x linpeas.sh
Now we should be able to run the script:
./linpeas.sh
linPEAS gives us a wealth of information and potential privesc paths, in the legend you can see how to identify these paths which are color coded. Most of the the red color coded text will provide you the path to gain root access to the target. However, occasionally red/yellow color coded text can prove to be high likelihood of obtaining elevated privileges.
In the next section, we will perform a privesc on the machine using the linPEAS output.