• Stars
    star
    1,020
  • Rank 45,113 (Top 0.9 %)
  • Language
    Shell
  • Created over 9 years ago
  • Updated almost 4 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Automatically exported from code.google.com/p/unix-privesc-check

Shell script to check for simple privilege escalation vectors on Unix systems

Unix-privesc-checker is a script that runs on Unix systems (tested on Solaris 9, HPUX 11, Various Linuxes, FreeBSD 6.2). It tries to find misconfigurations that could allow local unprivileged users to escalate privileges to other users or to access local apps (e.g. databases).

It is written as a single shell script so it can be easily uploaded and run (as opposed to un-tarred, compiled and installed). It can run either as a normal user or as root (obviously it does a better job when running as root because it can read more files).

Also see: http://pentestmonkey.net/tools/unix-privesc-check/

This project contains two branches that are actively maintained:

If in doubt, try both.

More Repositories

1

php-reverse-shell

PHP
2,141
star
2

windows-privesc-check

Standalone Executable to Check for Simple Privilege Escalation Vectors on Windows Systems
Python
1,472
star
3

pysecdump

Python-based tool to dump security information from Windows systems
Python
259
star
4

gateway-finder

Tool to identify routers on the local LAN and paths to the Internet
Python
195
star
5

smtp-user-enum

Username guessing tool primarily for use against the default Solaris SMTP service. Can use either EXPN, VRFY or RCPT TO.
Perl
98
star
6

timing-attack-checker

Tool to help identify timing attacks
70
star
7

yaptest

Automatically exported from code.google.com/p/yaptest
Perl
68
star
8

finger-user-enum

Username guessing tool primarily for use against the default Solaris finger service. Also supports relaying of queries through another finger server.
Perl
42
star
9

perl-reverse-shell

Perl
42
star
10

ident-user-enum

ident-user-enum is a simple PERL script to query the ident service (113/TCP) in order to determine the owner of the process listening on each TCP port of a target system.
Perl
35
star
11

unix-security-file-parser

Automatically exported from code.google.com/p/unix-security-file-parser
Python
33
star
12

exploit-suggester

This tool reads the output of β€œshowrev -p” on Solaris machines and outputs a list of exploits that you might want to try. It currently focusses on local exploitation of Solaris 8 on SPARC, but other version of Solaris are partially supported.
Perl
27
star
13

dns-grind

Tool for performing lots of DNS queries quickly
Perl
20
star
14

ftp-user-enum

Username guessing tool for use against the default Solaris ftp service and GNU inetutils ftpd.
Perl
19
star
15

php-findsock-shell

C
18
star
16

rsh-grind

Basically tries lots of combinations of local and remote usernames to execute commands via RSH
Perl
15
star
17

yapscan

Automatically exported from code.google.com/p/yapscan
C++
11
star
18

linux-bootparamd-client

Bootparamd Client for Linux
Logos
8
star
19

yaptestfe

Automatically exported from code.google.com/p/yaptestfe
HTML
8
star
20

on

Rexd Client For Linux
C
5
star