hc0d3r/sudohulk hc0d3r/sudohulk

  • Stars
    star
    114
  • Rank 308,031 (Top 7 %)
  • Language
    C
  • Created almost 7 years ago
  • Updated almost 2 years ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
hc0d3r/sudohulk
github

hc0d3r

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

try privilege escalation changing sudo command

Sudohulk

This tool change sudo command, hooking the execve syscall using ptrace, tested under bash and zsh

supported architectures:

  • x86_64
  • x86
  • arm

How use:

$ make
cc -Wall -Wextra -O2 -c -o bin/sh_remotedata.o src/sh_remotedata.c
cc -Wall -Wextra -O2 -c -o bin/sh_string.o src/sh_string.c
cc -Wall -Wextra -O2 -c -o bin/sudohulk.o src/sudohulk.c
cc -Wall -Wextra -O2 -o sudohulk bin/sh_remotedata.o bin/sh_string.o bin/sudohulk.o
$ ./sudohulk 
sudohulk [-qdk] PID COMMAND [ARGS]

Options:
   -q quit when change a command
   -d run in background
   -k keep original command line (appending to new)

NOTES:

PID = bash or zsh pid

To attach the current session use -d option, example:

$ ./sudohulk -qd $$ id
running in background, pid:20899
$ sudo ls -lah
[sudo] senha para mmxm: 
uid=0(root) gid=0(root) grupos=0(root)

Demo

asciicast

More Repositories

1

mysql-magic

dump mysql client password from memory
C
234
star
2

tea

ssh-client worm
C
153
star
3

tas

A tiny framework for easily manipulate the tty and create fake binaries.
C
150
star
4

sshd-poison

sshd-poison is a tool that modifies a sshd binary to capture password-based authentications and allows you to login in some accounts using a magic-pass.
C
91
star
5

alfheim

a linux process hacker tool
C
85
star
6

Consulta-cpf-cnpj

Faz consulta de CPF e CNPJ direto do site da Receita Federal (receita.fazenda.gov.br) , efetuando bypass no sistema de CAPTCHA.
PHP
83
star
7

C

some codes
C
39
star
8

ldpreload-disable

disable LD_PRELOAD on linux
Shell
18
star
9

scdump

shellcode dumper
C
14
star
10

ignotum

a simple lib to help read and write in the memory of a linux process
C
13
star
11

chroot-escape

try escape from chroot with non root user
C
12
star
12

syscall64ref

Shell
12
star
13

noexec-bypass

Assembly
10
star
14

w1r3bot

Just another irc bot
Perl
9
star
15

tinydns

A tiny library to perform DNS queries based on RFC 1035, works only with UDP servers.
C
9
star
16

push-obfuscator

Perl
6
star
17

nopasswd-scan

Find files that don't need a password to be executed by sudo.
C
6
star
18

asm

Assembly
5
star
19

vnc-cut-logger

C
4
star
20

seccomp-macros

macros to make easy build seccomp filters without use libseccomp
C
4
star
21

forkontrol

C
4
star
22

spyderhook

system call hooking library.
C
3
star
23

Damas

Checkers game coded in C, using ncurses lib
C
3
star
24

remap_annon

Remaps the pages, which refer to the file to which this code is associated, to anonymous pages.
C
3
star
25

elysian-socks

C
1
star
26

hc0d3r.github.io

CSS
1
star