search

⏰Cron Job Abuse

hashtag
🎯 Overview

Misconfigured cron jobs running as root with writable scripts provide privilege escalation opportunities through script modification and command injection.

hashtag
πŸ” Cron Job Enumeration

hashtag
Find Cron Jobs

# System cron jobs
cat /etc/crontab
ls -la /etc/cron.d/
ls -la /etc/cron.daily/
ls -la /etc/cron.hourly/
ls -la /etc/cron.weekly/
ls -la /etc/cron.monthly/

# User cron jobs
crontab -l
ls -la /var/spool/cron/crontabs/

hashtag
Find Writable Scripts

hashtag
πŸ•΅οΈ Process Monitoring with pspy

hashtag
Install and Run pspy

hashtag
Identify Cron Patterns

hashtag
🎯 Exploitation Techniques

hashtag
Script Modification

hashtag
Timing Analysis

hashtag
πŸš€ Common Payloads

hashtag
Reverse Shell

hashtag
Privilege Escalation

hashtag
File Extraction

hashtag
πŸ”§ Advanced Techniques

hashtag
Stealth Modifications

hashtag
Conditional Payloads

hashtag
πŸ“‹ Detection Script

hashtag
πŸ”‘ Quick Reference

hashtag
Immediate Checks

hashtag
Emergency Exploitation

hashtag
Timing Patterns

Cron job abuse exploits automated administrative tasks - writable scripts executed as root provide direct privilege escalation through command injection and script modification.

PreviousVulnerable ServicesNextLXD Container Escape

Last updated