# Standards and Framework References

## MITRE ATT&CK - Privilege Escalation (TA0004)

| Technique ID | Name | Description |
|-------------|------|-------------|
| T1548.001 | Setuid and Setgid | Exploit SUID/SGID binaries |
| T1548.003 | Sudo and Sudo Caching | Abuse sudo misconfigurations |
| T1068 | Exploitation for Privilege Escalation | Kernel/service exploits |
| T1574.006 | Dynamic Linker Hijacking | LD_PRELOAD/LD_LIBRARY_PATH abuse |
| T1053.003 | Cron | Abuse scheduled tasks |
| T1543.002 | Systemd Service | Writable service manipulation |

## Common Kernel CVEs

| CVE | Name | Affected Versions | CVSS |
|-----|------|-------------------|------|
| CVE-2016-5195 | Dirty COW | < 4.8.3 | 7.8 |
| CVE-2021-4034 | PwnKit (pkexec) | Polkit < 0.120 | 7.8 |
| CVE-2022-0847 | Dirty Pipe | 5.8 - 5.16.10 | 7.8 |
| CVE-2021-3156 | Baron Samedit (sudo) | sudo < 1.9.5p2 | 7.8 |
| CVE-2023-2640 | GameOver(lay) | Ubuntu kernels | 7.8 |
| CVE-2023-0386 | OverlayFS | 5.11 - 6.2 | 7.8 |

## CIS Benchmark - Linux

- Ensure permissions on /etc/crontab are configured (600 root:root)
- Ensure SUID/SGID files are reviewed regularly
- Ensure sudo is configured to use a pseudo-TTY
- Ensure no world-writable files exist in system paths