OSCP-BoF
SUDO_KILLER
Our great sponsors
OSCP-BoF | SUDO_KILLER | |
---|---|---|
2 | 8 | |
64 | 2,096 | |
- | - | |
0.0 | 8.8 | |
almost 3 years ago | about 2 months ago | |
Python | Shell | |
GNU General Public License v3.0 only | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
OSCP-BoF
-
For whatever reason, I am having a lot of trouble grasping buffer overflows. What is your favorite resource/video that spelled it out for you when you learned?
And then once you get the concepts, https://github.com/3isenHeiM/OSCP-BoF for the practical methodology (I'm the author).
- 1st attempt, 80+ points. My experience and some unpopular opinions inside.
SUDO_KILLER
- cve-2023-22809
-
CVE-2023-22809
this project https://github.com/TH3xACE/SUDO_KILLER can be used to detect and exploit this CVE.
-
Sudoedit can edit arbitrary files (CVE-2023-22809)
check the project https://github.com/TH3xACE/SUDO_KILLER ... there is a docker and the tool within it to play with the described scenario and there is a video also...showing the exploitation :)
- TH3xACE/SUDO_KILLER - A tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo for linux privilege escalation.
- Some of the latest CVEs like CVE-2014-0106, CVE-2015-5602, CVE-2017-1000367, CVE-2019-14287, CVE-2019-18634, CVE-2021-3156 and CVE-2021-23240 are detected by the tool and much more. If you like the project, don't forget to give a +1 star on github. Thanks
- How to detect sudo’s CVE-2021-3156 using Falco
-
Baron Samedit: Heap-based buffer overflow in Sudo (CVE-2021-3156)
Detection and checks for CVE-2021-3156 and CVE-2021-23240 were added to https://github.com/TH3xACE/SUDO_KILLER . Please give a +1 star on github if you appreciate the project.
What are some alternatives?
dostackbufferoverflowgood
OSCP-Exam-Report-Template - Modified template for the OSCP Exam and Labs. Used during my passing attempt
SUID3NUM - A standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)
linux-smart-enumeration - Linux enumeration tool for pentesting and CTFs with verbosity levels
zenith - Zenith exploits a memory corruption vulnerability in the NetUSB driver to get remote-code execution on the TP-Link Archer C7 V5 router for Pwn2Own Austin 2021.
EZEA - EZEA (EaZy Enum Automator), made for OSCP. This tool uses bash to automate most of the enumeration proces
raptor_infiltrate20 - #INFILTRATE20 raptor's party pack.
linux-exploit-suggester - Linux privilege escalation auditing tool
TireFire - Automate the scanning and enumeration of machines externally while maintaining complete control over scans shot to the target. Comfortable GUI-ish platform. Great for OSCP/HTB type Machines as well as penetration testing.
CTF-Difficulty - This cheasheet is aimed at the CTF Players and Beginners to help them sort the CTF Challenges on the basis of Difficulties.
try-harder - "Try Harder" is a cybersecurity retro game designed to simulate 100 real-world scenarios that will help you prepare for the Offensive Security Certified Professional (OSCP) exam, all while offering an immersive experience and retro aesthetic. Enter Real commands correctly, move to the next host, and get a point. Can you get 100?
CVE-2021-4034 - PoC for PwnKit: Local Privilege Escalation Vulnerability in polkit’s pkexec (CVE-2021-4034)