Linux PrivEsc - TryHackMe

Learn basics of Linux Privilege Escalation

11 min readJul 12, 2020


This write-up is based on the Linux PrivEsc room from Try Hack Me. Please find this room here:-

[Task 1] Deploy the Vulnerable Debian VM

  1. Deploy the VM
  2. SSH in to the VM using the credentials given and run the idcommand
Task 1

[Task 2] Service Exploit

This task is to exploit the following vulnerability in MySql:-

The exploit is available here:-

The creator of the room has already made the exploit file - raptor_udf2.c on the VM at location:- /home/user/tools/mysql-udf . Run the following commands as asked:

Task 2

Get the root shell:

Task 2 — root shell

Learning from this task:-

  • Avoid running applications as “root”
  • Patch things and stay up to date.

[Task 3] Weak File Permissions — Readable /etc/shadow

  1. What is the root user’s password hash?
Task 3

As we can see that hashes of root and user are exposed, which can be cracked offline!

2. What hashing algorithm was used to produce the root user’s password hash?




Software Developer having keen interest in Security, Privacy and Pen-testing. Certs:- Security+,PenTest+,AZ900,AZ204