LinEnum

LinEnum is a bash script written by Owen Shearing for enumerating local

information on a Linux host. We can grab the script from its GitHub repository

using wget:

$ cd ~/tools

$ wget https://raw.githubusercontent.com/rebootuser/LinEnum/master/LinEnum.sh

To verify that the script is working correctly, make it executable and run the

following help command:

$ chmod u+x LinEnum.sh

$ ./LinEnum.sh -h

#########################################################

# Local Linux Enumeration & Privilege Escalation Script #

#########################################################

# www.rebootuser.com | @rebootuser

# Example: ./LinEnum.sh -k keyword -r report -e /tmp/ -t

OPTIONS:

-k Enter keyword

-e Enter export location

-s Supply user password for sudo checks (INSECURE)

-t Include thorough (lengthy) tests

-r Enter report name

-h Displays this help text

Running with no options = limited scans/no output file

#########################################################

unix-privesc-check

The unix-privesc-check shell script, written by pentestmonkey, collects

information from a host in an attempt to find misconfigurations and ways to

escalate privileges. The script is written to support many flavors of Linux and

UNIX systems and does not require any dependencies, which makes it convenient

to both install and run.

By default, the script comes bundled with Kali, and you should find it in

/usr/bin/unix-privesc-check:

# which unix-privesc-check

/usr/bin/unix-privesc-check

Optionally, you can create a copy of it in the tools directory for easier access,

should you need to copy it later to any of the lab's machines:

$ cp /usr/bin/unix-privesc-check ~/tools

Black Hat Bash (Early Access) © 2023 by Dolev Farhi and Nick Aleks