Hacking Linux: Difference between revisions
Jump to navigation
Jump to search
mNo edit summary |
m (→Tools) |
||
Line 10: | Line 10: | ||
* Nix* binary exploitation: https://gtfobins.github.io | * Nix* binary exploitation: https://gtfobins.github.io | ||
* [https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Linux%20-%20Privilege%20Escalation.md Linux - Privilege Escalation] | * [https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Linux%20-%20Privilege%20Escalation.md Linux - Privilege Escalation] | ||
* SSH-Snake is a self-propagating, self-replicating, file-less script that automates the post-exploitation task of SSH private key and host discovery: https://github.com/MegaManSec/SSH-Snake | |||
== Stabilizing Shells == | == Stabilizing Shells == |
Latest revision as of 12:40, 21 March 2024
Rooting
These tools will quickly help you analyze a system for vulnerabilities that will aid in your privilege escalation and maintaining persistence.
Tools
- LinPeas: https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/tree/master/linPEAS
- LinEnum: https://github.com/rebootuser/LinEnum
- LES (Linux Exploit Suggester): https://github.com/mzet-/linux-exploit-suggester
- Linux Smart Enumeration: https://github.com/diego-treitos/linux-smart-enumeration
- Linux Priv Checker: https://github.com/linted/linuxprivchecker
- Nix* binary exploitation: https://gtfobins.github.io
- Linux - Privilege Escalation
- SSH-Snake is a self-propagating, self-replicating, file-less script that automates the post-exploitation task of SSH private key and host discovery: https://github.com/MegaManSec/SSH-Snake
Stabilizing Shells
After gaining a reverse shell it's good practice to stabilize it for better usability and functionality.
python3 -c 'import pty;pty.spawn("/bin/bash");' stty -a stty rows <NUMBER> cols <NUMBER> echo $SHELL export SHELL=bash echo $TERM export TERM=xterm-256color press CTRL+Z stty raw -echo ; fg reset
Evade Detection
For evading detection whilst you're hacking:
See Linux - Evasion.
Linux Persistence
For persisting your access on a Linux system:
See Linux - Persistence.
General tips and tricks:
- Tips, Tricks & Hacks Cheat Sheet: https://github.com/hackerschoice/thc-tips-tricks-hacks-cheat-sheet