A standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)
MIT License
A standalone python2/3 script which utilizes python's built-in modules to find SUID bins, separate default bins from custom bins, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡ʘ ͜ʖ ͡ʘ)
A standalone script supporting both python2 & python3 to find out all SUID binaries in machines/CTFs and do the following
Why This?
Yes, you totally can. I used it in my exam, linked it in the report as well. Just don't use -e
(according to some people) and you're good to go!
The auto exploitation (i.e. -e) was implemented because I'm a little bit lazy and don't really like copy/pasting so it did the rest for me, you won't find easy binaries like those in OSCP (it ain't kids play), you'll definitely have to research a little bit but it'll do half of the work for you -- can't stress this enough. If you're reading this section, good luck for your exam though.
SUID3NUM's Sample output
wget
wget https://raw.githubusercontent.com/Anon-Exploiter/SUID3NUM/master/suid3num.py --no-check-certificate && chmod 777 suid3num.py
curl
curl -k https://raw.githubusercontent.com/Anon-Exploiter/SUID3NUM/master/suid3num.py --output suid3num.py && chmod 777 suid3num.py
Initializing Script
python suid3num.py
Doing Auto Exploitation of found custom SUID binaries
python suid3num.py -e
Shoutout to Zeeshan Sahi & Bilal Rizwan for their ideas and contribution. Also, thanks to Cyrus for GTFO Bins <3
Let me know, what you think of this script at @syed__umar ≧◡≦