https://tryhackme.com/room/linprivesc

Task 3 - Enumeration

Hereby introduced a lot of common commands, if I forget / forgot I will definitely come back

Task 4 - Automated Enumeration Tools

PEASS-ng/linPEAS at master · carlospolop/PEASS-ng

https://github.com/rebootuser/LinEnum

https://github.com/mzet-/linux-exploit-suggester

https://github.com/diego-treitos/linux-smart-enumeration

https://github.com/linted/linuxprivchecker

Task 5 - Kernel Exploits

Linux Kernel CVEs | Linux Kernel Vulnerability Tracker

https://github.com/mzet-/linux-exploit-suggester

Task 6 - Sudo

GTFOBins

Task 7 - SUID

find / -type f -perm -04000 -ls 2>/dev/null

unshadow tool - Combines the passwd and shadow files so John can use them.

unshadow passwd.txt shadow.txt > unshadow.txt

Then crack it using john

john --wordlist=/usr/share/wordlists/rockyou.txt unshadow.txt