Hacking Linux: Difference between revisions

Rooting

These tools will quickly help you analyze a system for vulnerabilities that will aid in your privilege escalation and maintaining persistence.

Tools

• LinPeas: https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/tree/master/linPEAS
• LinEnum: https://github.com/rebootuser/LinEnum
• LES (Linux Exploit Suggester): https://github.com/mzet-/linux-exploit-suggester
• Linux Smart Enumeration: https://github.com/diego-treitos/linux-smart-enumeration
• Linux Priv Checker: https://github.com/linted/linuxprivchecker
• Nix* binary exploitation: https://gtfobins.github.io
• Linux - Privilege Escalation
• SSH-Snake is a self-propagating, self-replicating, file-less script that automates the post-exploitation task of SSH private key and host discovery: https://github.com/MegaManSec/SSH-Snake

Stabilizing Shells

After gaining a reverse shell it's good practice to stabilize it for better usability and functionality.

python3 -c 'import pty;pty.spawn("/bin/bash");'
stty -a
stty rows <NUMBER> cols <NUMBER>
echo $SHELL
export SHELL=bash
echo $TERM
export TERM=xterm-256color
press CTRL+Z
stty raw -echo ; fg
reset

Evade Detection

For evading detection whilst you're hacking:

See Linux - Evasion.

Linux Persistence

For persisting your access on a Linux system:

See Linux - Persistence.

General tips and tricks:

• Tips, Tricks & Hacks Cheat Sheet: https://github.com/hackerschoice/thc-tips-tricks-hacks-cheat-sheet