all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Linux Privilege Escalation — Fail2Ban Exploit

Add to bookmarks
March 27, 2023, 1:16 p.m. | Mr Jokar

System Weakness - Medium systemweakness.com

Linux Privilege Escalation — Fail2Ban Exploit

This privilege escalation is about exploiting a feature on the IPS fail2ban if proper permissions are given. To check that we can do sudo enumeration with sudo -l and if the result says that our user can restart the fail2ban tool, then we can proceed to escalate the privilege with it.

What is fail2ban?

Fail2ban is an IPS program. IDPS stands for Intrusion Detection & Prevention Software. It means fail2ban has the ability to …

address amp block check ctf cybersecurity detection enumeration escalation exploit exploiting fail2ban idps intrusion intrusion detection ip address ips linux malicious permissions prevention privilege privilege escalation program result software sudo tool what is

Visit resource

More from systemweakness.com / System Weakness - Medium

NESA Cybersecurity Standards of UAE — An Overview 18 hours ago | systemweakness.com
authority called compliance critical +23
Analytics Write-Up 18 hours ago | systemweakness.com
ctf-writeup hackthebox htb-writeup infosec +1
SSL certificate chain and how it’s verification works in browser (when misconfigured in server) but 18 hours ago | systemweakness.com
ssl ssl-certificate-chain
Cybersecurity Insights: Adversarial Machine Learning Demystified 18 hours ago | systemweakness.com
adversarial ai applications artificial intelligence +14
Best Open Source Software for Cybersecurity 18 hours ago | systemweakness.com
analysis applications best of can +24
Boosting Website Security: Implementing SSL Termination on Your HAProxy Load Balancer. 2 days, 21 hours ago | systemweakness.com
encryption haproxy ssl certificate web development +1
THM: Gaining Access to the Library Server 3 days, 1 hour ago | systemweakness.com
thm-writeup
Setting Up a Local Kubernetes Cluster with Minikube and Deploying a Web Application 3 days, 18 hours ago | systemweakness.com
kubectl kubernetes minikube virtualbox +1
TestDisk in Linux and recover deleted files 3 days, 18 hours ago | systemweakness.com
data deleted-files-recovery linux recovery

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Database Security Engineer, Assistant Vice President

@ MUFG | Tampa - 4050 West Boy Scout Blvd.
View on infosec-jobs.com

Senior IR & SecOps Engineer

@ JFrog | Tel Aviv
View on infosec-jobs.com

Consultant ITSCM / IT-Notfallmanagement (m/w/d)

@ Schwarz Gruppe | Berlin, DE
View on infosec-jobs.com

Freelancer Auditor Information Security - ISO 27001 - Netherlands

@ LRQA | Rotterdam, NL
View on infosec-jobs.com

GG9b-Assoc Eng II, Services

@ HARMAN International | IN Bengaluru EOIZ Indust Area Campus HCS
View on infosec-jobs.com
View more jobs