0x1 Posted October 23, 2019 Share Posted October 23, 2019 (edited) A standalone python script which utilizes python's built-in modules to find SUID bins, separate default bins from custom bins, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! This is the hidden content, please Sign In or Sign Up Demo Spoiler Description A standalone script supporting both python2 & python3 to find out all SUID binaries in machines/CTFs and do the following List all Default SUID Binaries (which ship with linux/aren't exploitable) List all Custom Binaries (which don't ship with packages/vanilla installation) List all custom binaries found in GTFO Bin's (This is where things get interesting) Try and exploit found custom SUID binaries which won't impact machine's files Why This? Because LinEnum and other enumeration scripts only print SUID binaries & GTFO Binaries, they don't seperate default from custom, which leads to severe head banging in walls for 3-4 hours when you can't escalate privs 🙂 Works on Python (2.6-7.*) Python (3.6-7.*) Download && Demo Ascii This is the hidden content, please Sign In or Sign Up Edited October 23, 2019 by 0x1 Link to comment Share on other sites More sharing options...
Recommended Posts