Pentst/OSCP 备考的干货知识~
suid 辅助信息收集脚本: linux-pe-suid.sh
原理:
#以下命令将尝试查找具有root权限的SUID的文件,不同系统适用于不同的命令,请逐个尝试
find / -perm -u=s -type f 2>/dev/null
find / -user root -perm -4000-print2>/dev/null
find / -user root -perm -4000-exec ls -ldb {} \;
已知的可用来提权的linux可行性的文件列表如下:
| 命令 | 命令 | 命令 | 命令 | 命令 | 命令 | 命令 | 命令 |
|---|---|---|---|---|---|---|---|
| aria2c | arp | ash | base32 | base64 | bash | busybox | cat |
| chmod | chown | chroot | cp | csh | curl | cut | dash |
| date | dd | dialog | diff | dmsetup | docker | emacs | env |
| eqn | expand | expect | file | find | flock | fmt | fold |
| gdb | gimp | grep | gtester | hd | head | hexdump | highlight |
| iconv | ionice | ip | jjs | jq | jrunscript | ksh | ksshell |
| ld.so | less | logsave | look | lwp-download | lwp-request | make | more |
| mv | nano | nice | nl | node | nohup | od | openssl |
| perl | pgShell | php | pico | python | readelf | restic | rlwrap |
| rpm | rpmquery | rsync | run-parts | rvim | sed | setarch | shuf |
| soelim | sort | start-stop-daemon | stdbuf | strace | strings | sysctl | systemctl |
| tac | tail | taskset | tclsh | tee | tftp | time | timeout |
| ul | unexpand | uniq | unshare | uudecode | uuencode | vim | watch |
| wget | xargs | xxd | xz | zsh | zsoelim | nmap | 其他脚本文件 |
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent
