During a penetration test, you have obtained a low-privileged user shell on a Linux system. You want to perform privilege escalation to gain root access. Which of the following methods would be the most effective initial step in identifying potential vectors for vertical privilege escalation?
You selected this option
Examine the /etc/passwd file for users with a UID of 0
You selected this option
Check currently running processes and services using commands like ps aux, top, or systemctl
You selected this option
Review all entries in the /etc/crontab for cron jobs that a user may be able to modify
You selected this option
Brute-force the root account password using a tool like Hydra
Checking currently running processes and services as the low-privileged user would be an essential first step, as it can reveal applications or services running with higher privileges that may be vulnerable to exploitation. Examining the /etc/passwd file is usually an initial step, but it serves to identify potential target user accounts rather than privilege escalation vectors. Reviewing cron jobs is also a beneficial action, but it's more specific to finding scheduled tasks that might be run with elevated privileges and would not ordinarily be an initial step. Finally, brute-forcing the root password is typically considered a last resort due to its noisiness and likelihood of detection, and it is not directly associated with vertical privilege escalation exploits.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are some common privilege escalation techniques on Linux?
Open an interactive chat with Bash
What is the significance of checking running processes with commands like ps aux?
Open an interactive chat with Bash
Why is brute-forcing the root password not the best initial step for privilege escalation?