In a Nutshell

Linux is a free, open-source operating system made up of the Linux kernel, developed by Linus Torvalds, and the GNU toolkit, created by Richard Stallman. Together, they form what is commonly known as GNU/Linux. Linux is widely used in various fields but is typically deployed as a server OS. Because of this, Linux servers often run specific services and protocols, which can provide attackers with access vectors. Understanding these services, their functions, and potential vulnerabilities is crucial for penetration testers.

Types of Vulnerabilities

Vulnerability

Description

Privilege Escalation

Exploiting weaknesses to gain higher-level permissions than initially granted.

Weak File Permissions

Misconfigured permissions allow unauthorized users to access sensitive files.

Kernel Exploits

Flaws in the Linux kernel that allow attackers to execute malicious code at a system level.

Insecure SSH Configuration

Weak or default SSH settings that can be exploited for unauthorized remote access.

Unpatched Software

Outdated software with known vulnerabilities can be exploited if security patches are not applied.

Sudo Misconfigurations

Improperly configured sudo privileges allow non-admin users to execute commands as root.

Unrestricted Cron Jobs

Poorly managed cron jobs can allow attackers to execute malicious tasks automatically.

These vulnerabilities are not exhaustive.

Frequently Exploited Services

Protocol/Service

Ports

Purpose

Apache Web Server

TCP Port 80/443

Hosts websites and serves web content over HTTP (80) or HTTPS (443)

SSH (Secure Shell)

TCP Port 22

Provides secure remote login and command execution

FTP (File Transfer Protocol)

TCP Port 21

Transfers files between client and server

SAMBA

TCP Port 445

Enables file and print services sharing over a network (mainly for Windows interoperability)

PreviousLinux NextCVE-2014-6271: Shellshock

Last updated 8 months ago

In a Nutshell

Types of Vulnerabilities

Vulnerability

Description

Privilege Escalation

Exploiting weaknesses to gain higher-level permissions than initially granted.

Weak File Permissions

Misconfigured permissions allow unauthorized users to access sensitive files.

Kernel Exploits

Flaws in the Linux kernel that allow attackers to execute malicious code at a system level.

Insecure SSH Configuration

Weak or default SSH settings that can be exploited for unauthorized remote access.

Unpatched Software

Outdated software with known vulnerabilities can be exploited if security patches are not applied.

Sudo Misconfigurations

Improperly configured sudo privileges allow non-admin users to execute commands as root.

Unrestricted Cron Jobs

Poorly managed cron jobs can allow attackers to execute malicious tasks automatically.

These vulnerabilities are not exhaustive.

Frequently Exploited Services

Protocol/Service

Ports

Purpose

Apache Web Server

TCP Port 80/443

Hosts websites and serves web content over HTTP (80) or HTTPS (443)

SSH (Secure Shell)

TCP Port 22

Provides secure remote login and command execution

FTP (File Transfer Protocol)

TCP Port 21

Transfers files between client and server

SAMBA

TCP Port 445

Enables file and print services sharing over a network (mainly for Windows interoperability)

PreviousLinux NextCVE-2014-6271: Shellshock

Last updated 8 months ago