Hacking Linux: Difference between revisions
Jump to navigation
Jump to search
mNo edit summary |
m →Tools |
||
| (One intermediate revision by the same user not shown) | |||
| Line 2: | Line 2: | ||
These tools will quickly help you analyze a system for vulnerabilities that will aid in your privilege escalation and maintaining persistence. | These tools will quickly help you analyze a system for vulnerabilities that will aid in your privilege escalation and maintaining persistence. | ||
=== Tools === | === Tools === | ||
* LinPeas: https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/tree/master/linPEAS | * LinPeas: https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/tree/master/linPEAS | ||
| Line 11: | Line 10: | ||
* Nix* binary exploitation: https://gtfobins.github.io | * Nix* binary exploitation: https://gtfobins.github.io | ||
* [https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Linux%20-%20Privilege%20Escalation.md Linux - Privilege Escalation] | * [https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Linux%20-%20Privilege%20Escalation.md Linux - Privilege Escalation] | ||
* SSH-Snake is a self-propagating, self-replicating, file-less script that automates the post-exploitation task of SSH private key and host discovery: https://github.com/MegaManSec/SSH-Snake | |||
== Stabilizing Shells == | == Stabilizing Shells == | ||
Latest revision as of 12:40, 21 March 2024
Rooting
These tools will quickly help you analyze a system for vulnerabilities that will aid in your privilege escalation and maintaining persistence.
Tools
- LinPeas: https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/tree/master/linPEAS
- LinEnum: https://github.com/rebootuser/LinEnum
- LES (Linux Exploit Suggester): https://github.com/mzet-/linux-exploit-suggester
- Linux Smart Enumeration: https://github.com/diego-treitos/linux-smart-enumeration
- Linux Priv Checker: https://github.com/linted/linuxprivchecker
- Nix* binary exploitation: https://gtfobins.github.io
- Linux - Privilege Escalation
- SSH-Snake is a self-propagating, self-replicating, file-less script that automates the post-exploitation task of SSH private key and host discovery: https://github.com/MegaManSec/SSH-Snake
Stabilizing Shells
After gaining a reverse shell it's good practice to stabilize it for better usability and functionality.
python3 -c 'import pty;pty.spawn("/bin/bash");'
stty -a
stty rows <NUMBER> cols <NUMBER>
echo $SHELL
export SHELL=bash
echo $TERM
export TERM=xterm-256color
press CTRL+Z
stty raw -echo ; fg
reset
Evade Detection
For evading detection whilst you're hacking:
See Linux - Evasion.
Linux Persistence
For persisting your access on a Linux system:
See Linux - Persistence.
General tips and tricks:
- Tips, Tricks & Hacks Cheat Sheet: https://github.com/hackerschoice/thc-tips-tricks-hacks-cheat-sheet