
Linux security

From a standard user account to full server control. Every path documented.

Once an attacker gets any foothold on a Linux server, through a vulnerability, a phishing attack, or a compromised developer account, the question becomes: how far can they go? This assessment traces every path from low-privileged access to full root control and documents exactly how to close each one.

What I test
  • System binary abuse: can setuid/setgid binaries or file capabilities on built-in tools be used to execute commands as root?
  • Scheduled task security: can a low-privileged user modify cron entries or the scripts they run, so that their changes execute automatically as root?
  • User privilege controls: can a standard account run commands through sudo with root permissions it should not have, for example NOPASSWD rules on tools that can spawn a shell?
  • File permissions: are configuration files, credentials, or private keys readable by users who should not have access to them?
  • SSH security: key management, review of which keys and accounts are authorised to log in, and weak sshd configuration (for example root login or password authentication left enabled).
  • Outdated software: unpatched operating system and service versions with known vulnerabilities.
  • Credential exposure: passwords and tokens left in configuration files, shell command history, and environment variables.
  • Container security: can the web server or another low-privileged user reach the Docker socket or container runtime? Access to the daemon is equivalent to root on the host.
Tags: Privilege escalation, Server hardening, SSH, Scheduled tasks, Credential exposure
Example findings
CRITICAL: Container daemon (Docker socket) accessible to the web server user. Full server takeover in a single command.
HIGH: Scheduled task runs as root a script that the web server user can freely modify.
HIGH: System tool allowed to run as root via sudo, and the tool permits arbitrary command execution (shell escape).
MEDIUM: SSH private keys readable by any user on the server.

Illustrative examples, not exhaustive.
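The checks listed under "What I test" and the example findings above come down to a handful of filesystem and configuration queries. The script below is an added example written for this page, not the assessment's own tooling. Every function takes the tree or files to inspect as arguments, so it can be run against a copied filesystem or a test directory as well as the live host, and it prints candidates for manual review rather than exploiting anything. The default locations it assumes (cron directories under etc/, etc/sudoers and etc/sudoers.d, the Docker socket at var/run/docker.sock, all relative to the root given) are the usual Linux defaults and may differ on a hardened or non-Debian host.

```bash
#!/usr/bin/env bash
# Added example for this page (not the assessment's own tooling): a minimal
# local privilege-escalation enumeration script covering the checks listed above.
# Each function takes its input path(s) as arguments, so it can be run against a
# copied filesystem or a test tree as well as the live host. Output is a list of
# candidates for manual review; nothing here exploits anything.
# Assumed defaults: cron under etc/, sudoers at etc/sudoers(.d), the Docker
# socket at var/run/docker.sock, all relative to the root passed in.

# System binary abuse: setuid (4000) / setgid (2000) executables. Whether a hit
# yields a root shell depends on the binary; GTFOBins documents the known ones.
find_suid_bins() {            # $1 = root of the tree to search
    find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) 2>/dev/null | sort
}

# Scheduled task security: a cron script a low-privileged user can edit runs as
# root on the next tick. Flag group-writable (020) or world-writable (002) files.
find_writable_cron() {        # $1 = root of the tree
    find "$1/etc/crontab" "$1/etc/cron.d" "$1/etc/cron.hourly" "$1/etc/cron.daily" \
         "$1/etc/cron.weekly" "$1/etc/cron.monthly" \
         -type f \( -perm -020 -o -perm -002 \) 2>/dev/null | sort
}

# User privilege controls: sudo rules that run without a password. Every line
# printed needs a review of the allowed command; editors, pagers and
# interpreters usually give a shell, i.e. arbitrary command execution as root.
find_nopasswd_sudo() {        # $1 = sudoers file or sudoers.d directory
    grep -rhE '^[^#]*NOPASSWD' "$1" 2>/dev/null | sort
}

# File permissions / SSH security: private keys readable by any user. Candidates
# are world-readable (004) and small; the PEM header confirms the content.
find_readable_private_keys() { # $1 = root of the tree
    find "$1" -xdev -type f -size -16k -perm -004 2>/dev/null |
    while IFS= read -r f; do
        if head -c 64 "$f" 2>/dev/null | grep -q 'PRIVATE KEY-----'; then
            printf '%s\n' "$f"
        fi
    done | sort
}

# Credential exposure: crude pattern match over shell history, env files and
# config files. Expect false positives; the point is a short list to read.
find_credentials() {          # $@ = files to scan (~/.bash_history, .env, *.conf ...)
    grep -nHiE '(pass(word)?|secret|token|api_?key)[[:space:]]*[=:][[:space:]]*[^[:space:]]+' \
         "$@" 2>/dev/null | sort
}

# Container security: write access to the Docker socket is root on the host
# (a privileged container with / bind-mounted). Normal is root:docker 0660, so
# the finding is a world-writable socket or an unexpected docker group member.
docker_socket_world_writable() { # $1 = socket path (normally /var/run/docker.sock)
    find "$1" -maxdepth 0 -perm -002 2>/dev/null | grep -q .
}
in_docker_group() {           # $1 = user name
    id -nG "$1" 2>/dev/null | tr ' ' '\n' | grep -qx docker
}

# Usage: bash privesc-check.sh --scan [root]   (root defaults to /)
if [ "${1:-}" = "--scan" ]; then
    root="${2:-/}"
    echo "## setuid/setgid binaries";      find_suid_bins "$root"
    echo "## writable cron scripts";       find_writable_cron "$root"
    echo "## NOPASSWD sudo rules";         find_nopasswd_sudo "$root/etc/sudoers"
                                           find_nopasswd_sudo "$root/etc/sudoers.d"
    echo "## world-readable private keys"; find_readable_private_keys "$root"
    echo "## credential-looking strings";  find_credentials "$HOME/.bash_history" "$root/etc/environment"
    echo "## container runtime"
    if docker_socket_world_writable "$root/var/run/docker.sock"; then echo "docker socket is world-writable"; fi
    if in_docker_group "$(id -un)"; then echo "$(id -un) is in the docker group"; fi
fi
```

Run it as the low-privileged account you are assessing from (for example the web server user) rather than as root: the permission bits are the same either way, but `id -nG` and the later manual verification of each hit only mean something from that account's point of view. Each list is a starting point for a finding, not a finding in itself; a setuid binary or a NOPASSWD rule is only reportable once you have confirmed what the binary or command actually lets that user do.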

Deliverable

Server hardening report with prioritised remediation steps and references to industry hardening standards.

Request this assessment →