Search Results


service – Privilege Escalation

Sudo (NOPASSWD) service - Privilege Escalation If you ever get to run “service” command with root privileges, you can escape from restricted shell to root. In this example /etc/sudoers has allowed an user to run this program as root without password need. How to 1....

read more

apt-get – Privilege escalation

apt-get - Privilege escalation apt-get can be used to escalate privileges when sudo is allowed without password. How to 1. check the permissions this user has sudo -l We can see that /usr/bin/apt-get is allowed (NOPASSWD) 2. get into changelog documentation sudo...

read more

Sherlock & Empire – Loading modules into

Sherlock is a Powershell script to quickly find missing software patches for local privilege escalation vulnerabilities It can be loaded from Powershell or even loaded into Empire to be executed.

read more

Empire Post-Exploitation Windows

Empire is a post-exploitation framework that includes a pure-PowerShell2.0 Windows agent, and a pure Python 2.6/2.7 Linux/OS X agent. It is the merge of the previous PowerShell Empire and Python EmPyre projects. The framework offers cryptologically-secure...

read more