New Training: Localhost Vulnerabilities, Attacks, and Tools

In this 8-video skill, CBT Nuggets trainer Bob Salmans takes a look at what vulnerabilities may exist on a local host. Once vulnerabilities are identified you’ll discover how to exploit them and achieve system level permissions. Watch this new CompTIA training.

Watch the full course: CompTIA PenTest+

This training includes:

• 8 videos

• 1.2 hours of training

You’ll learn these topics in this skill:

• Introduction to Privilege Escalation

• Linux Privilege Escalation Pt.1

• Linux Privilege Escalation Pt.2

• Linux Shell Escalation

• Linux Local Host Enumeration

• Linux Privilege Escalation Via Cron Jobs

• Linux SUID and SUDO privilege escalation

• Linux Local Exploit Privilege Escalation

What are Common Local Host Vulnerabilities?

There are all sorts of network vulnerabilities that can let intruders in, but local host vulnerabilities are particularly pernicious. Bad actors love gaining access as close to the user as they can — it’s a good way to circumvent network defenses and otherwise watchful eyes of security devices. Common local host vulnerabilities include insecure service and protocol configurations, local privilege escalation and insecure SUDO implementations. Let’s explore those.

Maintaining insecure services or protocol configurations is just asking for trouble. Many protocols give unbelievable levels of access and clumsy security configurations can overlook things like Telnet or Cisco Smart Install — two protocols that could give an intruder full access to traffic or switches.

When an attacker manages to pull off privilege escalation, they’re maintaining a persona of a compromised user or application but elevating the level of authority of that persona. Once that’s done, that exploited user or application can perform even further actions on the system or network.

Sudo implementations let administrators run commands as a super user (sudo = “super user do”). If an attacker can take advantage of a misconfigured sudo implementation, imagine the havoc they could wreak with access to all commands from any terminal as any user.