search

Linux Post Exploitation

Post Exploitation on Linux

hashtag
Common Tools

  • GTFOBinsarrow-up-right - GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems.

  • LinPEASarrow-up-right - Linux local Privilege Escalation Awesome Script (linPEAS) is a script that search for possible paths to escalate privileges on Linux/Unix.

  • pspyarrow-up-right - Monitor linux processes without root permissions

  • pamspyarrow-up-right - Credentials Dumper for Linux

hashtag
SUID

Although SUID binaries can be detected using LinPEAS, you can also run the following command to identify SUID files on the system.

find / -perm -u=s -type f 2>/dev/null

hashtag
swap_digger

swap_digger is a bash script used to automate Linux swap analysis for post-exploitation or forensics purpose. It automates swap extraction and searches for Linux user credentials, Web form credentials, Web form emails, HTTP basic authentication, WiFi SSID and keys, etc.

git clone https://github.com/sevagas/swap_digger.git
cd swap_digger
chmod +x swap_digger.sh
sudo ./swap_digger.sh -vx

hashtag
mimipenguin

A tool to dump the login password from the current linux user.

hashtag
Add User as Passwordless Sudo

hashtag
Ping Sweep with Bash

hashtag
Port Scan with Bash

Port scanning with netcat.

Simple TCP port scanning with bash.

circle-info

Note: This page is incomplete and will be regularly updated. If you have any ideas or resources that need to be added, please contact me at [email protected]envelope.

PreviousMiscNextLinux Password Hunting

Last updated