RootHelper - A Bash Script that Downloads and Unzips Scripts that will Aid with Privilege Escalation on a Linux System

Roothelper will aid in the process of privilege escalation on a Linux system that has been compromised, by fetching a number of enumeration and exploit suggestion scripts. The latest version downloads five scripts. Two enumeration shellscripts, one information gathering shellscript and two exploit suggesters, one written in perl and the other one in python.

Priv-Esc scripts:

LinEnum

Shellscript that enumerates the system configuration.

unix-privesc-check

Shellscript that enumerates the system configuration and runs some privilege escalation checks as well.

Firmwalker

Shellscript that gathers useful information by searching the mounted firmware filesystem. For things such as SSL and web server related files, config files, passwords, common binaries and more.

linuxprivchecker

A python implementation to suggest exploits particular to the system that's been compromised.

Linux_Exploit_Suggester

A perl script that that does the same as the one mentioned above.

Usage:

To use the script you will need to get it on the system you've compromised with utilities such as git or wget depending on what is available to you on that particular system. From there you need to make it executable with chmod +x roothelper.sh After which run it and it will show you the options available and an informational message regarding the options. For clarity, i have posted it below as well.

The 'Help' option displays this informational message.

The 'Download' option fetches the relevant files and places them in the /tmp/ directory.

The option 'Download and unzip' downloads all files and extracts the contents of zip 
archives to their individual subdirectories respectively, please note; if the 'mkdir' 
command is unavailable however, the operation will not succeed and the 'Download' 
option should be used instead

The 'Clean up' option removes all downloaded files and 'Quit' exits roothelper.

Download RootHelper

You might also like:

• XSS Shell - XSS Backdoor & Zombie Manager
• EtherApe - A Graphical Network Monitor
• PACK - Password Analysis and Cracking Toolkit
• TYFYP - Massive Telnet Password Tester For Routers
• OpenSSH - A Free SSH Protocol Suite
• RACFSNOW - Password Cracker For RACF
• DDOSIM - Application Layer DDOS Simulator
• Rekall - Memory Forensic Framework
• PeStudio - Malware Initial Assessment Tool
• Hasher - Tool For Creating & Comparing Hashes
• NIELD - Network Interface Events Logging Daemon
• BlackArch Linux - Penetration Testing Distribution
• AIEngine - An Artificial Intelligent Intrusion Detection System Engine
• GoldenEye - Denial of Service (DoS) Attack Tool
• Simple Packet Sender - A Linux Packet Crafting Tool
• ExifTool - Tool For Reading, Writing and Editing Meta Information In Files
• DirBuster - File & Directory Brute Forcing Tool