So  at the moment,  I am  doing a lot  of work  with  Linux systems specifically obtaining  root level access from a standard or locked down user.

During each challenge there are numerous steps you would check by default during the enumeration stage whilst on  the box.

As part of the enumeration stage you are looking for particular permissions on  scripts and directories, mis-configurations or  config files, user accounts, possible passwords, system information etc..

So its nice to be able to  run all the ‘typical’ stuff in one go to save time, obviously  there is still alot of manual work  involved but this helps speed up the process.  It might even help pick out something of interest (colour coded) that  you might have skimmed straight  passed  before.

There are other tools out  there that do similar to this,  so why am  i working  on this as a little project.

Well, I wanted a script that worked well for me. However,  i also want to add additional  features to the script that others dont do. I want mine to have  the ability to also  try and gain   root  access too.

So its not just an  enumeration  tool it is also an exploitation tool.

It is still a work  in progress but none the less you can get early access to the code through  my pastebin  as always.


Popular posts from this blog

Null Session Domain Controller Enumeration

MS15-034: Vulnerability in HTTP.sys Could Allow Remote Code Execution

NetBIOS / NBNS Spoofing