Скачать или смотреть Scenario 04 - Misconfiguration File owner hijacking via reference and symmlink (SUDO_KILLER)

Linux Privilege Escalation by abusing sudo

DEMO SUDO_KILLER - For Education purposes

Scenario 04 - Misconfiguration File owner hijacking via reference and symmlink

SUDO_KILLER is a tool geared towards cyber security practitioners (pentesters, security auditors, system admins, CTF players and Infosec students ), facilitating privilege escalation within Linux environments. It focuses on vulnerabilities tied to SUDO usage, including misconfigurations in sudo rules, version-based weaknesses (CVEs and vulnerabilities), and risky binary deployments (GTFOBINS). These weak points can be exploited to gain ROOT-level privileges or impersonate users.

SUDO_KILLER provides a catalog of potential commands and local exploits for manual privilege elevation. Importantly, it refrains from automated exploitation, requiring users to carry out the exploitation process themselves as per its intended usage.

Project Repo: https://github.com/TH3xACE/SUDO_KILLER

Music:    / @bluetreeaudio