I am back and apologize for lack of activity last month, life has been crazy lately. As some of you may or may not know I been trying to step up my post exploitation skills as well as my general Linux skills. I recently jumped to Linux OS for my main day-to-day OS and have to say I've never been happier (other than Camtasia doesn't run on Linux). Anyway, I started looking into common tasks one should perform post shell access in order to increase ones chances of gaining root access and decided to try and write my first Linux script to try and help myself and since I <3 my supporters I decided to share with you guys as well. Now everyone can download and run a exploit and cross fingers and hope it works but what if it doesn't? What if we want to still try and root the box? There are many methods one can use to still gain root access without pre-compiled exploits. I will link you to a great reference guide for some basic methods one can use to go about searching for ways to gain root access and then I will give you my new script I wrote which will try to take some of the pain out of the process for you by quickly identifying some key areas one can start looking at to get things done and/or digg out a bit more info. The tool for now only does pure enumeration but I do have a few ideas for a private version which will continue development on into the future, who knows though. That being said I give you the following which I have available now:
A really good newbie guide to actual rooting methods with some understandable examples:
There are many other write ups out there if you search hard and do some reading. This is just a tool give-away, not a how to root the box thread. I will try to continue posting more post exploit techniques as time allows in the near future...
To the Point - Downloads:
ZIP Download: http://uppit.com/le477muzng7f/Inf0rm3r.zipInform3r.zip, contains the following:
- Actual bash script which does the enumeration magic and can be run one its own
- side project from Inf0rme3r, C based App which remotely grabs Inf0rm3r script, runs it, and deletes it so all that is left is the report file. Also no output in terminal so can be easier on some systems (CentOS for example which have buffer size issues due to it being set at compiling time)
SCRIPT SOURCE: https://pastee.org/b4gtz
- PASS: I<3INTRA!
NOTE: There is function already created to handle emailing of the report file if you're running the standalone script. You just need to uncomment the code in the script and then pass a email to the script when run as an argument. It requires /bin/mail from mailutils to be installed to work. I didn't get this properly installed and set-up locally so my testing only validated the logic, not the actual emailing itself, although I had a buddy state it was working for him so its up in the air for now (hence it being commented out for this release version, we will see what future brings).
Big Shout-out and special thanks to Phaedrus for helping me out with a few live test environments to fine tune a few things and th3breacher for some of the email code, suggestions and feedback!
...and of course, Greetz to and from everyone in INTRA!
If you have any questions, suggestions or feedback of any kind do let me know as I want to improve this over time to really be something unique and handy for the community to have.
Until next time, Enjoy the pursuit for r00t!