Introduction to Emergency Response Backdoor Investigation (Linux Edition)

Introduction to Emergency Response Backdoor Investigation (Linux Edition)

1. Common Backdoors Classification of Common Backdoor Types: Type Platform Characteristics Account Backdoor Linux/Windows Creates hidden users or escalates privileges Scheduled Task Backdoor Linux/Windows Uses cron / Task Scheduler to execute malicious programs Startup Item Backdoor Windows/Linux Writes to startup items for persistence Dynamic Link Library Hijacking Linux/Windows LD_PRELOAD / DLL injection Process Injection Backdoor … Read more

Overview of Privilege Escalation in Linux Systems

Privilege escalation in Linux systems refers to the process of elevating from a low-privilege user (such as a regular user or www-data) to a high-privilege user (such as root). This is very common in penetration testing (Pentest) or security research, but please note: it should only be used in legally authorized environments, and misuse may … Read more

Linux Permission Management – Special File Permissions

In the previous article, we discussed the basic file permissions in Linux, namely r (read), w (write), and x (execute). However, there are also some special permission indicators in the Linux system: s – SetUID (Owner permission bit <span>x</span> becomes <span>s</span>) s – SetGID (Group permission bit <span>x</span> becomes <span>s</span>) t – Sticky Bit (Other … Read more

Linux File Permissions: Can You Understand These ‘Hidden Risks’?

Linux File Permissions: Can You Understand These 'Hidden Risks'?

In the world of Linux, file permissions are the first line of security. For operations engineers, this is a necessary part of daily management; for hackers, it is the most common point of breach. If configured incorrectly, permissions can become an “invisible backdoor,” allowing attackers to easily escalate privileges and even take control of the … Read more

Detailed Explanation of Special Permissions in Linux Files (Part 2): SUID and Its Application Scenarios and Usage

Detailed Explanation of Special Permissions in Linux Files (Part 2): SUID and Its Application Scenarios and Usage

The previous article introduced special permissions for files in Linux, including SUID, SGID, and Sticky Bit. Today, this article will provide a detailed explanation of SUID and its practical application scenarios and usage. What is SUID? Let’s continue with the example from the previous article about a regular user changing their own password. We all … Read more

Linux User Permissions

Linux User Permissions

1. Basic Permissions Permission Basics Users and Groups File Owner (User): The user who created the file, possessing the highest level of control. Group: A set of users that share file permissions. Others: Users who are neither the owner nor part of the group. Three Basic Permissions Read <span>r=4</span>: Permission to read. View file contents … Read more

Buildroot Embedded Linux Root File System Not Logging as Root

Buildroot Embedded Linux Root File System Not Logging as Root

1. Problem Description If after booting the embedded Linux root file system made with Buildroot, you find that you are not logged in as the root user, this may be due to improper file system permission settings or user configuration issues. 2. Solutions Here are some possible solutions:1. Check BusyBox Permissions As mentioned in the … Read more