SUDO_KILLER - A tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo

Feb 24, 2020

SUDO_KILLER is a tool that can be used for privilege escalation on linux environment by abusing SUDO in several ways. The tool helps to identify misconfiguration within sudo rules, vulnerability within the version of sudo being used (CVEs and vulns) and the use of dangerous binary, all of these could be abused to elevate privilege to ROOT.

SUDO_KILLER will then provide a list of commands or local exploits which could be exploited to elevate privilege. It is worth noting that the tool does not perform any exploitation on your behalf, the exploitation will need to be performed manually and this is intended.


**WARNING: SUDO_KILLER is part of the KILLER project. SUDO_KILLER is still under development and there might be some issues, please create an issue if you found any. **

Other tool will be added to the KILLER project in the coming months so stay tuned up. Also ideas, bug reports, contributions are more than welcome !

** Stay tuned : Follow me on twitter @ https://twitter.com/TH3xACE **

Features

Some of the checks/functionalities that are performed by the tool.

  • Misconfigurations
  • Dangerous Binaries
  • Vulnerable versions of sudo - CVEs
  • Dangerous Environment Variables
  • Credential....

Subscribe
Notify of
guest

This site uses Akismet to reduce spam. Learn how your comment data is processed.

0 Comments
Inline Feedbacks
View all comments
© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023