I got some studying in today. Did a bit of reading and watching some videos.

More PrivEsc

Today, I went over TryHackMe's Linux PrivEsc portion on weak file permissions. Went over some things I already knew, but it was still cool to go over it again. Basic things, like what you can do when you have the ability to edit the passwd or shadow file. (Very rare, but sometimes you'll see it on HTB and stuff like that.)

The ability to crack the password hash if you have read-only perms.

Also, looking at backup files in case they happen to have weaker perms than the actual files. (i.e. root's ssh key copied into some other directory and weak perms allowing you to read it.)

More CIS benchmarks

Again, these are just things I'm reading to build my knowledge a bit. I'm reading through the Ubuntu configurations.

There are some weird things I'd never actually considered, but I guess they make sense as I read them. For instance, ensuring that /var/log has its own partition. The idea being that:

  1. Protects against resource exhaustion since those log files can really grow.
  2. Protection of audit data.

I don't know if it's stuff the average user needs to worry too much about, but I enjoy expanding my knowledge.