Coder Social home page Coder Social logo

linux-private-i's Introduction

Linux Private-i

A Linux Enumeration & Privilege Escalation tool that automates the basic enumeration steps and displays the results in an easily readable format. The script comes loaded with a variety of 4 Options to choose from.

Using Bash, execute private-i.sh on the local low privileged user.

alt text

Select an option, execute & watch the show. Each mode uses common Linux binaries to enumerate the local system (find, grep, ps, etc). If you have a non-bash shell such as sh, use Noir-Private-i. Either script will not write or auto-exploit in any way.

Full Scope Investigation

Very Verbose option.

  • Vital checks such as OS info and permissions on common files.
  • Search for common applications while checking versions, file permissions and possible user credentials.
    • Common Apps: Apache/HTTPD, Tomcat, Netcat, Perl, Ruby, Python, WordPress, Samba
    • Database Apps: SQLite, Postgres, MySQL/MariaDB, MongoDB, Oracle, Redis, CouchDB
    • Mail Apps: Postfix, Dovecot, Exim, SquirrelMail, Cyrus, Sendmail, Courier
  • Checks Networking info - netstat, ifconfig.
  • Basic mount info, crontab and bash history.

Here's a snippet when running the Full Scope. This box has purposely misconfigured files and permissions. alt text

Quick Canvas

Looking to gain some quick intel without information overload? Running a Quick Canvas against the system will output the basic OS info, Networking, Apps and common file permissions. A simple non-verbose version of the Full Scope option.

alt text

Sleuths Special

Runs basic vital checks, then searches the filesystem for world-writable permissions & 'password' strings in common directories. Depending on the size of the filesystem, this option may take a while to complete.

alt text

Kernel Tip-Off

Compares the first two octets of the Kernel version (uname -r) to an array of exploits. Does not auto-exploit.

Feel free to add any new Kernel Exploits in the kernel tip off array. Format however you'd like - just make sure the kernel version is listed.

Noir-Private-i

Also included is the portable noir version. Although less verbose without option selection, it can be ran without a Bash shell. Simply execute without any additions.

low@victim:/# ./noir-private-i.sh

linux-private-i's People

Contributors

rtcrowley avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.