Troy Defty
[Context Information Security]
Having worked in the UK InfoSec industry for around five and a half years at Deloitte and later Context Information Security, Troy abandoned a dreary sun-less London and has been working in the Australian industry out of Sydney for over a year with Pure Security.

His interest and experience are largely in bespoke penetration testing engagements (red teaming, ICS, scenario-based assessments, etc.), with broad coverage across the penetration testing spectrum.

Other interests include music, electronics, the outdoors, travel, rugby, CTF, and being bad at golf.

Tutorial: Linux Privilege Escalation

Technical Level (3 being the highest score): 2

Attackers never stop at initial compromise; there is always an end goal, which often requires privileged access to specific devices or systems.

Moving from low to high privileged access is crucial to this strategy, with various controls regularly being employed to limit the likelihood of such an attack succeeding, or to increase the effort required for an attacker to reach their goal. As security professionals, we need to understand such techniques in order to accurately assess the risk and likelihood of a given attack path within the organisation.

Identifying the correct privilege escalation vector can often feel like looking for a needle in a haystack; however, with the right approach and understanding of the various controls in play, gaining full control can often be a safe assumption in many instances following an initial foothold.

This course will therefore equip those likely to find themselves with an initial foothold with the skills to practically exploit a given privilege escalation vector on a Linux system. Attendees will be presented with various scenarios and methods by which full control can be achieved, supported by a virtualised set of challenges to practice and hone their techniques.

We will be focusing on privilege escalation in Linux, looking at both the basic scenarios and some more complex instances, as well as escaping restricted shells and execution environments.

Alongside a core methodology and exposure to various privilege escalation scenarios, attendees will also take away an execution environment which can be used to further hone their privilege escalation skills, and which can be tuned to increase the difficulty of exploitation by enabling controls commonly found in the wild and within hardened environments.

Specifically, the following topics will be covered:

Day One:
* The Linux privilege model, and the importance of root
* Basic Linux privilege escalation

Day Two:
* Escaping and bypassing restricted environments
* Complex Linux escalation

Secure your place now!