How to Use Linux Smart Enumeration to Discover Paths to Privesc

Privilege escalation is the technique used to exploit certain flaws to obtain elevated permissions relative to the current user. There are a vast number of methods out there to go from user to root on Linux, and keeping track of them all can be difficult. This is where automation comes into play, and a privilege escalation script called Linux Smart Enumeration is one to take advantage of.


LSE vs LinEnum


Linux Smart Enumeration sets itself apart from other privilege escalation scripts because of the features it has. One of the most significant differences between it and other scripts like LinEnum is the ability to display more information about the target gradually. LSE has three verbosity levels that will show more details depending on what level is run.


Another fantastic feature of LSE is the process monitor. At the end of the script, it will determine what processes are running on the host as both root and non-root users. This makes it easy to see what's going on behind the scenes. LSE also has a few more options to control how it runs, something lacking in other privesc scripts.


Step 1: Transfer to Target


We'll assume that we already have a fully upgraded low-level user shell on the target. We'll also assume that the target has limited access to the internet, so we'll need to transfer files from our local machine to the target manually. To practice, we're using linux smart enumeration discover paths privesc