PwnKata
Start drilling free
Home Linux Privilege Escalation File Capability Privilege Escalation
easy Live now Linux · Privilege Escalation

File Capability Privilege Escalation

Linux file capabilities can grant one binary more power than intended. Drill finding and abusing that mistake.

Enumerate file capabilities, identify the binary that can become root through cap_setuid, and adapt the primitive to read the flag.

Each rep changes the capable binary and account context, so the exercise stays focused on recognition instead of one memorized command.

What you'll practice

linux capabilitiescap_setuidprivilege escalationCPTS
drill workspace · session live
easy

File Capability Privilege Escalation

Linux file capabilities can grant one binary more power than intended. Drill finding and abusing that mistake.

Objective

Recover the flag at /root/flag.txt and submit it.

Drill this now

Spin up a live isolated target and start practicing in seconds — free.

Start drilling

Related linux privilege escalation techniques

Linux · Privilege Escalation Live

sudo -l Privilege Escalation

A misconfigured sudo rule is one of the most common real-world Linux privesc paths. Drill it until `sudo -l` is the first thing your fingers type.

easy
Linux · Privilege Escalation Live

SUID Binary Privilege Escalation

A stray SUID bit on the wrong binary is an instant root. Drill enumerating and abusing SUID binaries until it's automatic.

easy
Linux · Privilege Escalation Live

Cron PATH Hijack

When a root scheduled task trusts PATH, the writable directory before system paths becomes the attack surface.

medium