4 box enum

PEAS

Linux version 3.2.0-23-generic 

╣ Processes, Cron, Services, Timers & Sockets ╠
[+] Cleaned processes
[i] Check weird & unexpected proceses run by root: https://book.hacktricks.xyz/linux-unix/privilege-escalation#processes
root       1029  0.0  0.1  26416  1672 ?        Ss   12:59   0:00 /usr/bin/tmux -S /.devs/dev_sess

[+] Checking sudo tokens
[i] https://book.hacktricks.xyz/linux-unix/privilege-escalation#reusing-sudo-tokens
/proc/sys/kernel/yama/ptrace_scope is not enabled (1)
gdb was found in PATH

[+] Searching ssl/ssh files
Port 22
PermitRootLogin yes
PubkeyAuthentication yes
PermitEmptyPasswords no
ChallengeResponseAuthentication no
PasswordAuthentication yes
UsePAM yes
Possible private SSH keys were found!
/home/hype/.ssh/id_rsa

[+] Searching tmux sessions
[i] https://book.hacktricks.xyz/linux-unix/privilege-escalation#open-shell-sessions
root       1029  0.0  0.1  26416  1672 ?        Ss   12:59   0:00 /usr/bin/tmux -S /.devs/dev_sess

linuix-exploit-suggester-2.pl

hype@Valentine:/tmp$ ./l.pl

  #############################
    Linux Exploit Suggester 2
  #############################

  Local Kernel: 3.2.0
  Searching 72 exploits...

  Possible Exploits
  [1] dirty_cow
      CVE-2016-5195
      Source: http://www.exploit-db.com/exploits/40616
  [2] exploit_x
      CVE-2018-14665
      Source: http://www.exploit-db.com/exploits/45697
  [3] msr
      CVE-2013-0268
      Source: http://www.exploit-db.com/exploits/27297
  [4] perf_swevent
      CVE-2013-2094
      Source: http://www.exploit-db.com/exploits/26131

Previous5 privesc tmux Next3 heartbleed

Last updated 4 years ago