unix-privesc-check 介绍

unix-privesc-check是在Unix系统上运行(在Solaris 9,HPUX 11,各种Linux版本,FreeBSD的6.2测试)的脚本。它尝试发现错误配置,可允许本地非特权用户提升权限给其他用户或访问本地应用程序(如数据库)。它写成一个shell脚本,因此它可以很容易地上传和运行(而不是解压,编译和安装)。它可以运行作为一个普通用户或根(显然它作为根运行时,没有一个比这个更好的方式,因为它可以读取更多的文件)。

资料来源:http://pentestmonkey.net/tool​​s/audit/unix-privesc-check
unix-privesc-check 首页
unix-privesc-check 源代码库

包括在unix-privesc-check里的工具

unix-privesc-check - 检查提升简单权限的载体脚本
:~# unix-privesc-check
unix-privesc-check v1.4 ( http://pentestmonkey.net/tools/unix-privesc-check )

Usage: unix-privesc-check { standard
detailed }

"standard" mode: Speed-optimised check of lots of security settings.

"detailed" mode: Same as standard mode, but also checks perms of open file
                 handles and called files (e.g. parsed from shell scripts,
                 linked .so files).  This mode is slow and prone to false
                 positives but might help you find more subtle flaws in 3rd
                 party programs.

This script checks file permissions and other settings that could allow
local users to escalate privileges.

Use of this script is only permitted on systems which you have been granted
legal permission to perform a security assessment of.  Apart from this
condition the GPL v2 applies.

Search the output for the word 'WARNING'.  If you don't see it then this
script didn't find any problems.

unix-privesc-check 用法示例

:~# unix-privesc-check standard
Assuming the OS is: linux
Starting unix-privesc-check v1.4 ( http://pentestmonkey.net/tools/unix-privesc-check )

This script checks file permissions and other settings that could allow
local users to escalate privileges.

Use of this script is only permitted on systems which you have been granted
legal permission to perform a security assessment of.  Apart from this
condition the GPL v2 applies.

Search the output below for the word 'WARNING'.  If you don't see it then
this script didn't find any problems.


############################################
Recording hostname
############################################
kali

############################################
Recording uname
############################################
Linux kali 3.12-kali1-amd64 #1 SMP Debian 3.12.9-1kali1 (2014-05-13) x86_64 GNU/Linux

############################################
Recording Interface IP addresses