β°Cron Job Abuse
π― Overview
Misconfigured cron jobs running as root with writable scripts provide privilege escalation opportunities through script modification and command injection.
π Cron Job Enumeration
Find Cron Jobs
# System cron jobs
cat /etc/crontab
ls -la /etc/cron.d/
ls -la /etc/cron.daily/
ls -la /etc/cron.hourly/
ls -la /etc/cron.weekly/
ls -la /etc/cron.monthly/
# User cron jobs
crontab -l
ls -la /var/spool/cron/crontabs/Find Writable Scripts
π΅οΈ Process Monitoring with pspy
Install and Run pspy
Identify Cron Patterns
π― Exploitation Techniques
Script Modification
Timing Analysis
π Common Payloads
Reverse Shell
Privilege Escalation
File Extraction
π§ Advanced Techniques
Stealth Modifications
Conditional Payloads
π Detection Script
π Quick Reference
Immediate Checks
Emergency Exploitation
Timing Patterns
Cron job abuse exploits automated administrative tasks - writable scripts executed as root provide direct privilege escalation through command injection and script modification.
Last updated