ngalongc / autolocalprivilegeescalation Goto Github PK
View Code? Open in Web Editor NEWAn automated script that download potential exploit for linux kernel from exploitdb, and compile them automatically
autolocalprivilegeescalation's People
Contributors
Stargazers
Watchers
Forkers
webkodex johnjohnsp1 fork42541 sudosroot zhuyue1314 safe3 codecrack3 diegslva cy83rv37 testzzzz samgha idkwim ognz lawrencehero logan-lu security-geeks wflk lucabongiorni macc6579 brianwrf gmlanzi detrojones woodzltc imanadib hackndo gunjan1111 jeperez vysecurity theralfbrown phishing-factory z3v2cicidi eniac888 wucaishi securextools uncia ngbatnicdotmil team-firebugs piscessignature fatenocaster kbahaxor riverhac raslin777 psuedoelastic waldoalvarez00 cryptedwolf dipsec liupeiyu crazykid199 0x13337 djgrasss pythonmaster41 0v3rm1nd-dr4g0n ht13 byteways evilwebshell rebeyond olivierh59500 tardummy01 hungnv0789 techlord-rce kernux 3xp10it f00bar10 ziv0chou b1gw00d m3g4byt3 tuapuikia float001 codingfree 1sn0m4d javarockstar fr34k8 songofhack spnow michalkoczwara gnginx ap0cryphon uppentest clicknull c26root wangshu88 hackmycontrolsystem jinyu00 m00zh33 xieqiwen1993 pynon vicsanjinez talk2noob mgcfish hacktest unix1010 ptkrm hoanganhnhung h4ppy7ree 0xbadca7 kaicastledine nullport mylovered daedalus totorohaautolocalprivilegeescalation's Issues
Path to copy files don´t exist
Hi Chan,
I tried to use your script on my centos 7 (or Debian 8) and it´s doesn't work. The error is this:
[*] The base directory is /usr/share/exploitdb/platforms [*] Copying /usr/share/exploitdb/platforms/linux/local/31347.c to /root/AutoLocalPrivilegeEscalation-master/linux_3.10//linux/local/31347.c cp: cannot stat ‘/usr/share/exploit [auto_priv_exploit.zip](https://github.com/ngalongc/AutoLocalPrivilegeEscalation/files/730922/auto_priv_exploit.zip) db/platforms/\033[01;31m\033[Klinux\033[m\033[K/local/31347.c’: No such file or directory [*] Do you wish to compile all the exploit script written in C?
So when I tried to fix it I changed more than a few lines. The attached file is my
new auto_priv_exploit.sh.
Now this script take the kernel version and the os type from the system or you can put the kernel version you will check.
If you need some information of this change please tell me.
Too many errors :(
#/bin/bash
usage(){
echo "-/ Auto Local Root Exploit -/";
echo "";
echo "[*] Usage: $0 VERSION_OF_KERNEL";
echo "[*] Example: root#~$ $0 2.6";
exit 1;
}
download(){
base="/usr/share/exploitdb/platforms"
echo "[*] The base directory is $base"
[ -d "linux_$version" ] || mkdir linux_$version # make directory if not exist
for file in $file_list; do
# TODO get rid of the first . if exist in file path
# TODO if not exist then do the way it did
echo "[*] Copying $base$file to $PWD/linux_$version$file"
cp "$base$file" "$PWD/linux_$version" # copy the file from exploitdb to the current directory with linux_$version
file_extension=$(echo $file | cut -d '.' -f 2) # extract the file extension
# Count the file for summary
case $file_extension in
"c" ) c_file_count=$((c_file_count+1));;
"rb" ) rb_file_count=$((rb_file_count+1));;
"txt" ) txt_file_count=$((txt_file_count+1));;
"py" ) py_file_count=$((py_file_count+1));;
"pl" ) pl_file_count=$((pl_file_count+1));;
"sh" ) sh_file_count=$((sh_file_count+1));;
esac
done
}
compile(){
for file in $file_list; do
file_extension=$(echo $file | cut -d '.' -f 2) # extract the file extension
file_name=$(echo $file | cut -d '/' -f 4) #extrac the file name
if [ "$file_extension" == "c" ]; then
gcc linux_$version/$file_name -o linux_$version/"$file_name.exe" 2>/dev/null
fi
done
}
version=$1
file_list=$(searchsploit $version linux| grep local | grep -i privilege | cut -d '|' -f 2 | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//')
py_file_count=0
txt_file_count=0
rb_file_count=0
c_file_count=0
pl_file_count=0
sh_file_count=0
main(){
echo -e "[*] Possible Exploit\n"
searchsploit $version linux | grep local | grep -i privilege
if [ -z $file_list ]; then
echo "No possible exploit :("
exit 1
fi
echo "[!] Do you wish to download all the exploit script to current directory and compile if possible?"
read -p "[Y/N]~$ " yn
case $yn in
y|Y ) download;;
n|N ) ;;
* ) echo "Invalid Argument :(";;
esac
echo "[!] Do you wish to compile all the exploit script written in C?"
read -p "[Y/N]~$ " yn
case $yn in
y|Y ) compile;;
n|N ) ;;
* ) echo "Invalid Argument :(";;
esac
exe_file_count=$(ls linux_$version | grep .exe -c)
echo "[!] Do you want to make a tar ball of the linux_$version? (For convinient file transfer)"
read -p "[Y/N]~$ " yn
case $yn in
y|Y ) tar -cf linux_$version.tar linux_$version;;
n|N ) ;;
* ) echo "Invalid Argument :(";;
esac
echo "[*] Auto Privilege Exploit Summary"
echo "C file in $PWD/linux_$version has $c_file_count files"
echo "Python file in $PWD/linux_$version has $py_file_count files"
echo "Perl file in $PWD/linux_$version has $pl_file_count files"
echo "Bash file in $PWD/linux_$version has $sh_file_count files"
echo "Ruby file in $PWD/linux_$version has $rb_file_count files"
echo "TXT file in $PWD/linux_$version has $txt_file_count files"
echo ""
echo "[*] Successfully Compiled $exe_file_count executable located in linux_$version"
}
if [ $# -ne 1 ]; then
usage
fi
main
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.