CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!
CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!
Path: blob/master/documentation/modules/post/multi/recon/sudo_commands.md
Views: 1904
Description
This module examines the sudoers configuration for the session user and lists the commands executable via sudo
.
This module also inspects each command and reports potential avenues for privileged code execution due to poor file system permissions or permitting execution of executables known to be useful for privesc, such as utilities designed for file read/write, user modification, or execution of arbitrary operating system commands.
Note, you may need to provide the password for the session user.
Verification Steps
Start
msfconsole
Get a session
use post/multi/recon/sudo_commands
set SESSION [SESSION]
run
You should receive a list of available
sudo
commands
Options
SESSION
Which session to use, which can be viewed with sessions
SUDO_PATH
Path to sudo executable (default: /usr/bin/sudo
)
PASSWORD
Password for the session user