Anon-Exploiter / Suid3num

Licence: mit
A standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)

SUID3NUM

A standalone python2/3 script which utilizes python's built-in modules to find SUID bins, separate default bins from custom bins, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡ʘ ͜ʖ ͡ʘ)

Description

A standalone script supporting both python2 & python3 to find all SUID binaries on machines/CTFs and do the following:

  • List all Default SUID Binaries (which ship with linux/aren't exploitable)
  • List all Custom Binaries (which don't ship with packages/vanilla installation)
  • List all custom binaries found in GTFO Bin's (This is where things get interesting)
  • Printing binaries and their exploitation (in case they create files on the machine)
  • Try and exploit found custom SUID binaries which won't impact machine's files

Why This?

  • Because LinEnum and other enumeration scripts only print SUID binaries & GTFO Binaries, they don't separate default from custom, which leads to severe head banging in walls for 3-4 hours when you can't escalate privs :)
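
The default-versus-custom split described above is also how a hardening audit triages SUID files. The sketch below is an added example, not code from SUID3NUM: the `BASELINE` and `WATCHLIST` sets, the function names and the `SAMPLE` entries are all assumptions made for illustration.

```python
import os
import stat

# Assumed baseline of stock SUID binaries (constructed sample, build yours per distro).
BASELINE = {"/usr/bin/passwd", "/usr/bin/su", "/usr/bin/sudo", "/usr/bin/mount"}
# Assumed watchlist of tools that should never be SUID (constructed, not SUID3NUM's list).
WATCHLIST = {"find", "vim", "nmap", "python3"}

def is_suid_file(mode):
    """True for a regular file with the set-user-ID bit set."""
    return stat.S_ISREG(mode) and bool(mode & stat.S_ISUID)

def scan(root="/"):
    """Yield (path, st_mode) for files under root, without following symlinks."""
    for dirpath, _dirs, files in os.walk(root, onerror=lambda e: None):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                yield path, os.lstat(path).st_mode
            except OSError:
                continue  # entry vanished or is unreadable

def classify(entries, baseline=BASELINE, watchlist=WATCHLIST):
    """Split SUID files into baseline, custom, and watchlisted custom ones."""
    report = {"default": [], "custom": [], "review_first": []}
    for path, mode in entries:
        if not is_suid_file(mode):
            continue
        if path in baseline:
            report["default"].append(path)
        elif os.path.basename(path) in watchlist:
            report["review_first"].append(path)
        else:
            report["custom"].append(path)
    return {k: sorted(v) for k, v in report.items()}

# Constructed sample input: (path, st_mode) pairs as lstat() would report them.
SAMPLE = [
    ("/usr/bin/passwd", 0o104755),  # SUID, in baseline
    ("/usr/bin/find", 0o104755),    # SUID, watchlisted name
    ("/opt/app/helper", 0o104750),  # SUID, not in baseline
    ("/usr/bin/ls", 0o100755),      # regular file, no SUID bit
    ("/tmp/link", 0o124777),        # symlink with bits set: ignored
]

if __name__ == "__main__":
    print(classify(scan("/usr/bin")))
```

Anything in `custom` or `review_first` is a candidate for `chmod u-s` or package verification; the baseline should be generated from a known-good install of the same distribution.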

Can I use this in OSCP?

Yes, you totally can. I used it in my exam, linked it in the report as well. Just don't use -e (according to some people) and you're good to go!

The auto exploitation (i.e. -e) was implemented because I'm a little bit lazy and don't really like copy/pasting so it did the rest for me, you won't find easy binaries like those in OSCP (it ain't kids play), you'll definitely have to research a little bit but it'll do half of the work for you -- can't stress this enough. If you're reading this section, good luck for your exam though.

Changelog

  • Added new section of binaries which impact the system (Auto-Exploitation isn't supported for binaries which impact the system in any way i.e. creating new files, directories, modifying existing files etc.). The user has to manually execute those commands, and is supposed to understand those before running as well! (POC: https://i.imgur.com/FclFFwg.png)

Works on

  • Python (2.5-7.*)
  • Python (3.5-7.*)

Download & Use

wget https://raw.githubusercontent.com/Anon-Exploiter/SUID3NUM/master/suid3num.py --no-check-certificate && chmod 777 suid3num.py
curl -k https://raw.githubusercontent.com/Anon-Exploiter/SUID3NUM/master/suid3num.py --output suid3num.py && chmod 777 suid3num.py

Tested on

  • Pop! OS 18.04 LTS
  • Ubuntu 18.04 LTS
  • Nebula
  • Kali Linux (PWK VM)

Usage

Initializing Script

python suid3num.py

Doing Auto Exploitation of found custom SUID binaries

python suid3num.py -e

Note

Please run the script after going through what it does & with prior knowledge of SUID bins.
P.S ~ Don't run with `-e` parameter, if you don't know what you're doing!

Shoutouts

Shoutout to Zeeshan Sahi & Bilal Rizwan for their ideas and contribution. Also, thanks to Cyrus for GTFO Bins <3

Let me know, what you think of this script at @syed__umar ≧◡≦
