Hacking Linux: Difference between revisions
Jump to navigation
Jump to search
m (→Rooting) |
mNo edit summary |
||
Line 13: | Line 13: | ||
== Stabilizing Shells == | == Stabilizing Shells == | ||
After gaining a [https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Reverse%20Shell%20Cheatsheet.md reverse shell] it's good practice to stabilize it for better usability and functionality. | |||
<pre> | |||
python3 -c 'import pty;pty.spawn("/bin/bash");' | |||
stty -a | |||
stty rows <NUMBER> cols <NUMBER> | |||
echo $SHELL | |||
export SHELL=bash | |||
echo $TERM | |||
export TERM=xterm-256color | |||
press CTRL+Z | |||
stty raw -echo ; fg | |||
reset | |||
</pre> | |||
== Evade Detection == | == Evade Detection == |
Revision as of 14:47, 14 September 2023
Rooting
These tools will quickly help you analyze a system for vulnerabilities that will aid in your privilege escalation and maintaining persistence.
Rooting
Tools
- LinPeas: https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/tree/master/linPEAS
- LinEnum: https://github.com/rebootuser/LinEnum
- LES (Linux Exploit Suggester): https://github.com/mzet-/linux-exploit-suggester
- Linux Smart Enumeration: https://github.com/diego-treitos/linux-smart-enumeration
- Linux Priv Checker: https://github.com/linted/linuxprivchecker
- Nix* binary exploitation: https://gtfobins.github.io
- Linux - Privilege Escalation
Stabilizing Shells
After gaining a reverse shell it's good practice to stabilize it for better usability and functionality.
python3 -c 'import pty;pty.spawn("/bin/bash");' stty -a stty rows <NUMBER> cols <NUMBER> echo $SHELL export SHELL=bash echo $TERM export TERM=xterm-256color press CTRL+Z stty raw -echo ; fg reset
Evade Detection
For evading detection whilst you're hacking:
See Linux - Evasion.
Linux Persistence
For persisting your access on a Linux system:
See Linux - Persistence.
General tips and tricks:
- Tips, Tricks & Hacks Cheat Sheet: https://github.com/hackerschoice/thc-tips-tricks-hacks-cheat-sheet