After you’ve popped a shell on an OSCP machine, chances are you are going to need to escalate your privileges before getting that sweet root.txt. I’ve noticed that a lot of PWK students, myself included, tend to struggle with privilege escalation on Windows and Linux. Here are some mind maps that I have created to help close this knowledge gap. I’ve also created videos to show off some of these privilege escalation methods in detail.
Note: These are originally from the OSCP Windows Privilege Escalation Methodology and OSCP Linux Privilege Escalation Methodology videos I put out a few months ago.
Linux
Linux Privilege Escalation Videos:
- Exploiting sudo access
- Exploiting SUID
- Writeable root PATH
- Cracking /etc/shadow
- Kernel exploits
- NFS no_root_squash
- Docker group
- LXD group
- Sudo + LD_PRELOAD
Windows
Windows Privilege Escalation Videos:
Conclusion
I hope that these mind maps will be useful to reference during your studying or exam. It’s easy to miss small details during the privilege escalation phase, and having a checklist or mind map to reference can save you from skipping the intended way to priv esc. I will be adding more links here as videos are created for each method.
If you’d like to stay updated with new privilege escalation videos as they come out, make sure that you subscribe to my YouTube channel.