NullArray/RootHelper NullArray/RootHelper

  • Stars
    star
    477
  • Rank 90,223 (Top 2 %)
  • Language
    Shell
  • License
    GNU General Publi...
  • Created over 8 years ago
  • Updated almost 3 years ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
NullArray/RootHelper
github

NullArray

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

A Bash script that downloads and unzips scripts that will aid with privilege escalation on a Linux system.

RootHelper

Roothelper will aid in the process of privilege escalation on a Linux system that has been compromised. The latest version totals eleven scripts. From enumeration to exploit suggestion to exploit deployment. RootHelper ensures you have access to the best tools for the job.

The credits for the scripts it fetches go to their original authors.

Update

Latest update has added a brand new Helper script. Details below.

RootHelper now supports command line arguments/flags.

The -q or --quiet flag supresses the usage print function on execution. Therefore you can now simply pass -q and be taken directly to the menu.

The -f or --fast flag immediately starts the execution of the script's download option. If time is of the essence the -f flag will hurry things along.

Latest Helper Scripts

The latest addition to the scripts available through RootHelper is rootend.py. It's a python3 implementation that automates enumeration and privilege escalation operations.

RedGhost Is from now on available with RootHelper, it's a Linux post-exploitation framework and payload generator.

Linux Smart Enumeration Is available with RootHelper. It's a tool based on LinEnum but with a heavy focus on the privilege escalation aspect that enumeration tools provide.

SBD or Static Binary Deployer has been added to the tools available for download with RootHelper. For details on this utility find my repo here

Auto-Root-Exploit Is now available through RootHelper.

BashArk; a post-exploitation tool. Is now available for download with RootHelper.

A new version of Linux Exploit Suggester has been released. It is an updated version based on the old one by PenturaLabs. The author of this tool and all others available through RootHelper are accredited for their excellent work below.

Priv-Esc scripts

LinEnum

Shellscript that enumerates the system configuration.

Linux Smart Enumeration

LinEnum fork with a heavy focus on privilege escalation.

unix-privesc-check

Shellscript that enumerates the system configuration and runs some privilege escalation checks as well.

linuxprivchecker

A python implementation to suggest exploits particular to the system that's been compromised.

Linux_Exploit_Suggester

A perl script that that does the same as the one mentioned above.

SBD

SBD Makes it possible to deploy static binaries of common (and less common) Linux utilities that might otherwise be unavailable.

Auto-Root-Exploit

Auto-Root-Exploit is a shell script that downloads and executes all known publically available exploits from Exploit-DB for the system and kernel version you specify via the tool's command-line arguments.

BashArk

BashArk is post exploitation tool written in Bash.

Firmwalker

Shellscript that gathers useful information by searching the mounted firmware filesystem. For things such as SSL and web server related files, config files, passwords, common binaries and more.

RedGhost

Linux post exploitation framework designed to assist in persistence, reconnaissance, privilege escalation and leaving no trace.

rootend

Rootend automates enumeration and privilege escalation operations by targetting a wide range of potential exploitation catagories. It does so by looking for SUID bit enabled binaries. Weak permissions on security critical components, finding PHP Configuration files and much more.

Usage

To use the script you will need to get it on the system you've compromised with utilities such as git or wget depending on what is available to you on that particular system. From there you need to make it executable with chmod +x roothelper.sh After which run it and it will show you the options available and an informational message regarding the options. For clarity i have posted it below as well.

The 'Help' option displays this informational message.

The 'Download' option fetches the relevant files and places them in the /tmp/ directory.

The option 'Download and unzip' downloads all files and extracts the contents of zip archives to their individual subdirectories respectively, please
note; if the 'mkdir' command is unavailable however, the operation will not succeed and the 'Download' option should be used instead

The 'Clean up' option removes all downloaded files and 'Quit' exits roothelper.

Acknowledgements

Special thanks to DiegoTreitos for his efforts in optimizing RootHelper's source code.

Credits for scripts RootHelper fetches go to their original authors.

rootend by nickvourd and Maldevel from TwelveSec.

RedGhost by d4rk007

linux-smart-enumeration by DiegoTreitos

LinEnum by RebootUser

Firmwalker by Craigz28

Auto-Root-Exploit by nilotpalbiswas

BashArk by TheSecondSun

Linux Priv Checker by SecuritySift

Linux Exploit Suggester by Jondonas

Unix Priv-Esc Check by Pentestmonkey

More Repositories

1

AutoSploit

Automated Mass Exploiter
Python
4,932
star
2

DorkNet

Selenium powered Python script to automate searching for vulnerable web apps.
Python
335
star
3

IntRec-Pack

Intelligence and Reconnaissance Package/Bundle installer.
Shell
231
star
4

Cypher

Pythonic ransomware proof of concept.
Python
215
star
5

PyCat

Python network tool, similar to Netcat with custom features.
Python
188
star
6

MIDA-Multitool

Bash script purposed for system enumeration, vulnerability identification and privilege escalation.
Shell
160
star
7

NetSet

Operational Security utility and automator.
Shell
130
star
8

Mimir

OSINT Threat Intel Interface - CLI for HoneyDB
Python
112
star
9

Archivist

A ctypes powered python keylogger.
Python
103
star
10

WinKernel-Resources

A list of excellent resources for anyone to deepen their understanding with regards to Windows Kernel Exploitation and general low level security.
C++
97
star
11

AmpliSpy

Check local or remote list of DNS servers for suitability in DNS Amplification DoS.
Python
47
star
12

Shogun

Shodan.io Command Line Interface
Python
45
star
13

SysEnum

Simple Bash script to retrieve basic system information.
Shell
31
star
14

QuickScan

Port scanning and domain utility.
Python
30
star
15

SBD

Static Binary Deployer. Download and deploy *Nix utilities on a compromised system.
Shell
29
star
16

PyParser-CVE

Multi source CVE/exploit parser.
Python
28
star
17

MaliciousDLLGen

Malicious DLL Generator in Py3
C
27
star
18

Shellshocker

A Bash script to test a list of URLs for the shellshock vulnerability.
Shell
26
star
19

Shellware

Persistent bind shell via pythonic shellcode execution, and registry tampering.
Python
23
star
20

MS-PS-Installer

Automated PowerShell installer for *Nix with multi Distro support.
Shell
19
star
21

WinBins-Plus

Repo to store Windows PE's and Utilities for easy access.
Assembly
17
star
22

GistList

Repo to host a comprehensive list of all my Public Gists with a short description for each item and a link to the Gist pages in question..
15
star
23

HTTP-Server

Basic HTTP Server with a feature to invoke a shell in the dir the files are being served from.
Python
13
star
24

l0ck3r

Automated encryption utilities and installation
Shell
13
star
25

Ransom

first commit
CSS
11
star
26

vBulBot

A vBulletin bot in python.
Python
9
star
27

VM-Nexus

Multi-platform installer and wrapper for QEMU.
Python
8
star
28

ChromaScope

Pseudo library for python, provides custom colored text formatting in a convenient way.
Python
7
star
29

FormEnum

Simple script to enumerate forms with mechanize lib.
Python
5
star
30

KernMan

Bash script to help with kernel management.
Shell
5
star
31

QuickEnc

OpenSSL Based Quick Crypt
Shell
1
star