Escalating Privileges on a Linux Machine

The methods we have discussed work only on Windows-based operating systems, so you
must be wondering why we didn’t discuss escalating privileges on a Linux box. The reason
is that privilege escalation exploits for Linux-based operating systems are specific to
the kernel version that the target is running. The getsystem command inside meterpreter
is less likely to work on them. I have reserved this part for the web hacking chapter, where we will
learn about server hacking.
Maintaining Access

So now we have managed to escalate our privileges to either administrator level or SYSTEM level.
Our next step is to make it easier for us to access the system any time we want.
So far, we have managed to maintain stability, but we haven’t managed to establish
persistence. Whenever the target computer reboots, the process to which we have attached our
meterpreter session will be closed and we will lose access. So one might ask, why not access
the system by using the vulnerability we previously exploited? Well, yes, we can do that, but it is
not the best approach, since over time applications get updated, patches are applied, and, hence,
vulnerabilities are patched. We don’t want to go through all the hard work of compromising
the target again; what we want is an easier way to access the system, and there
are better approaches for that.
We focus on two different strategies for maintaining access. They are discussed next.
Installing a Backdoor

Backdooring a system is one of the best approaches in my opinion since it’s stealthy most of the
time. What we want to make sure of when installing a backdoor is that our backdoor is persistent and
that we are able to connect to it even after the system reboots. In order to
accomplish this we would make changes to the registry.
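
Because this kind of persistence depends on registry changes that survive a reboot, those changes are also where a defender can look for it. The following is an added example, not code from the book: it parses the text of a `reg export` and flags autostart entries for review. The Run/RunOnce key paths (which the text does not name), the heuristics and the sample export are assumptions constructed for illustration.

```python
import re

# Autostart keys read at boot/logon (assumed here; the text names no key).
AUTORUN_KEY = re.compile(
    r"\\Software\\(?:Wow6432Node\\)?Microsoft\\Windows\\CurrentVersion\\Run(?:Once)?$",
    re.IGNORECASE)
# Triage heuristics (assumptions): user-writable paths and script hosts.
SUSPICIOUS = re.compile(
    r"\\(?:temp|appdata|users\\public|programdata)\\"
    r"|\b(?:wscript|cscript|powershell|mshta|rundll32)(?:\.exe)?\b",
    re.IGNORECASE)
VALUE_LINE = re.compile(r'^"(?P<name>(?:[^"\\]|\\.)*)"="(?P<data>(?:[^"\\]|\\.)*)"$')

# Constructed sample of `reg export` text (not taken from a real host).
SAMPLE_EXPORT = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"="C:\\Windows\\System32\\SecurityHealthSystray.exe"
"Updater"="wscript.exe \"C:\\Users\\Public\\upd.vbs\""

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"svc"="C:\\Users\\alice\\AppData\\Local\\Temp\\svc.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall]
"Ignored"="C:\\Temp\\x.exe"
'''


def unescape(s):
    # .reg string values escape backslash and double quote with a backslash.
    return re.sub(r"\\(.)", r"\1", s)


def audit_autoruns(reg_text):
    """Return (key, value name, command, suspicious) for each autorun entry."""
    findings, key = [], None
    for line in reg_text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            # Track the current key only if it is an autostart location.
            key = line[1:-1] if AUTORUN_KEY.search(line[1:-1]) else None
        elif key and (m := VALUE_LINE.match(line)):
            cmd = unescape(m["data"])
            findings.append((key, unescape(m["name"]), cmd, bool(SUSPICIOUS.search(cmd))))
    return findings


if __name__ == "__main__":
    for key, name, cmd, flagged in audit_autoruns(SAMPLE_EXPORT):
        print("REVIEW" if flagged else "ok    ", key, name, cmd, sep=" | ")
```

A file written by `reg export` is UTF-16 encoded, so decode it before passing the text in. Flagged entries are candidates for review rather than verdicts, since legitimate software also starts from per-user paths.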