Top Related Projects
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
Linux privilege escalation auditing tool
Scripted Local Linux Enumeration & Privilege Escalation Checks
linuxprivchecker.py -- a Linux Privilege Escalation Check Script
Privilege Escalation Project - Windows / Linux / Mac
Quick Overview
Linux Exploit Suggester 2 is a tool designed to identify potential security vulnerabilities in Linux systems. It scans the target system and suggests possible exploits based on the kernel version and installed packages, making it a valuable asset for penetration testers and system administrators.
Pros
- Easy to use with a simple command-line interface
- Regularly updated with new exploit information
- Can be run remotely or locally on the target system
- Provides detailed information about potential exploits
Cons
- May produce false positives or outdated information
- Requires root access for full functionality
- Limited to Linux systems only
- Relies on publicly available exploit information, which may not include the latest vulnerabilities
Getting Started
To use Linux Exploit Suggester 2, follow these steps:
- Clone the repository:
    git clone https://github.com/jondonas/linux-exploit-suggester-2.git
- Navigate to the directory:
    cd linux-exploit-suggester-2
- Make the script executable:
    chmod +x linux-exploit-suggester-2.pl
- Run the script:
    ./linux-exploit-suggester-2.pl
For remote execution, you can use curl or wget:
    curl https://raw.githubusercontent.com/jondonas/linux-exploit-suggester-2/master/linux-exploit-suggester-2.pl | perl
or
    wget https://raw.githubusercontent.com/jondonas/linux-exploit-suggester-2/master/linux-exploit-suggester-2.pl -O - | perl
Note: It's recommended to run the script with root privileges for the most comprehensive results.
Competitor Comparisons
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
Pros of PEASS-ng
- More comprehensive, covering multiple privilege escalation techniques
- Actively maintained with frequent updates
- Supports both Linux and Windows systems
Cons of PEASS-ng
- Larger codebase, potentially slower execution
- May produce more verbose output, requiring more analysis
Code Comparison
PEASS-ng (linpeas.sh):
    if [ "$MACPEAS" ]; then
        print_title "MacPEAS"
        macpeas_show_banner
        macpeas_system_information
        macpeas_users_information
        macpeas_software_information
    fi
linux-exploit-suggester-2:
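    sub get_kernel_version {
        my $uname = `uname -r`;
        # Return the three numeric components, or an empty list when the
        # release string does not match (otherwise stale $1..$3 are returned).
        if ($uname =~ /(\d+)\.(\d+)\.(\d+)/) {
            return ($1, $2, $3);
        }
        return;
    }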
PEASS-ng offers a more modular approach with separate functions for different system aspects, while linux-exploit-suggester-2 focuses on specific kernel version extraction. PEASS-ng's code structure allows for easier expansion and maintenance across multiple operating systems.
Linux privilege escalation auditing tool
Pros of linux-exploit-suggester
- More actively maintained with recent updates
- Includes a larger database of exploits
- Offers additional features like remote scanning and exploit downloading
Cons of linux-exploit-suggester
- Slightly more complex to use due to additional options
- May produce more false positives in some cases
- Requires more dependencies for full functionality
Code Comparison
linux-exploit-suggester:
./linux-exploit-suggester.sh --uname "3.13.0-24-generic" --pkglist-file pkglist.txt
linux-exploit-suggester-2:
./linux-exploit-suggester-2.pl -k 3.13.0-24-generic
The linux-exploit-suggester offers more command-line options and flexibility, while linux-exploit-suggester-2 has a simpler syntax for basic usage.
Both tools serve similar purposes but differ in their implementation and feature sets. linux-exploit-suggester is written in Bash, while linux-exploit-suggester-2 is written in Perl. The former offers more advanced features and a larger exploit database, making it potentially more comprehensive for security assessments. However, linux-exploit-suggester-2 may be easier to use for quick checks and has fewer dependencies.
Ultimately, the choice between the two depends on the specific needs of the user, such as the desired level of detail, ease of use, and the target system's characteristics.
Scripted Local Linux Enumeration & Privilege Escalation Checks
Pros of LinEnum
- More comprehensive system enumeration, covering a wider range of system information
- Includes checks for sensitive files and potential misconfigurations
- Actively maintained with regular updates and contributions
Cons of LinEnum
- Larger script size, potentially slower execution on target systems
- May generate more noise in output, requiring more analysis to identify critical issues
- Less focused on specific exploit suggestions compared to linux-exploit-suggester-2
Code Comparison
LinEnum:
    if [ "$thorough" = "1" ]; then
        header "Thorough Tests"
        thorough_tests
    fi
linux-exploit-suggester-2:
    # Quote the expansions so entries are not word-split or glob-expanded.
    for POC in "${EXPLOITS[@]}"; do
        evaluate_poc "$POC"
    done
LinEnum focuses on comprehensive system enumeration with optional thorough tests, while linux-exploit-suggester-2 is more targeted towards identifying potential exploits based on system information.
Both tools serve different purposes in the penetration testing workflow. LinEnum provides a broader overview of system information, while linux-exploit-suggester-2 is more specialized in suggesting potential exploits based on the target system's characteristics.
linuxprivchecker.py -- a Linux Privilege Escalation Check Script
Pros of linuxprivchecker
- More comprehensive system information gathering, including network configurations, cron jobs, and user information
- Provides a detailed report of potential privilege escalation vectors
- Actively maintained with recent updates
Cons of linuxprivchecker
- Focuses on information gathering rather than suggesting specific exploits
- May require more manual analysis of the output to identify vulnerabilities
- Written in Python, which may not be available on all target systems
Code Comparison
linux-exploit-suggester-2:
#!/bin/bash
version="2.0.7"
...
linuxprivchecker:
#!/usr/bin/env python
###############################################
## linuxprivchecker.py
...
linux-exploit-suggester-2 is a Bash script, while linuxprivchecker is written in Python. This difference in programming languages affects portability and execution on target systems.
linux-exploit-suggester-2 focuses on matching the system's kernel version and installed packages against a database of known exploits, providing specific exploit suggestions. In contrast, linuxprivchecker performs a broader system analysis, gathering detailed information about the target system's configuration and potential security weaknesses.
Both tools are valuable for privilege escalation assessments, but they serve slightly different purposes. linux-exploit-suggester-2 is more targeted towards identifying specific exploit opportunities, while linuxprivchecker provides a comprehensive system overview for manual analysis.
Privilege Escalation Project - Windows / Linux / Mac
Pros of BeRoot
- Multi-platform support (Windows, Linux, macOS)
- More comprehensive privilege escalation checks
- Active development and regular updates
Cons of BeRoot
- Larger codebase, potentially slower execution
- Requires Python environment setup
- Less focused on specific exploit suggestions
Code Comparison
BeRoot (Python):
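    import os
    import stat

    def check_suid_bin():
        # Collect setuid binaries found in the directories on PATH.
        suid = []
        for path in os.environ['PATH'].split(':'):
            try:
                names = os.listdir(path)
            except OSError:
                continue  # PATH entry missing or unreadable
            for name in names:
                full = os.path.join(path, name)
                try:
                    if os.stat(full).st_mode & stat.S_ISUID:
                        suid.append(full)
                except OSError:
                    pass  # broken symlink or unreadable file
        return suid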
linux-exploit-suggester-2 (Bash):
    function scan_exploits() {
        echo "Searching for local exploits..."
        for EXP in "${EXPLOITS[@]}"; do
            # Call the check function by name; eval is not needed here.
            "${EXP}_check"
        done
    }
BeRoot offers a more comprehensive approach to privilege escalation checks across multiple platforms, while linux-exploit-suggester-2 focuses specifically on suggesting Linux kernel exploits. BeRoot's Python codebase allows for more complex checks, but may require additional setup. linux-exploit-suggester-2's Bash script is simpler and more lightweight, making it easier to run on target systems without dependencies.
README
Linux Exploit Suggester 2
Next-generation exploit suggester based on Linux_Exploit_Suggester
Key Improvements Include:
- More exploits!
- Option to download exploit code directly from Exploit DB
- Accurate wildcard matching. This expands the scope of searchable exploits.
- Output colorization for easy viewing.
- And more to come!
This script is extremely useful for quickly finding privilege escalation vulnerabilities both in on-site and exam environments.
Usage
When run without arguments, the script runs 'uname -r' to grab the Linux operating system release version, and returns a list of possible exploits. Links to CVEs and applicable exploit POCs are included. Keep in mind that a patched kernel or a back-ported fix may fool this script.
    $ ./linux-exploit-suggester-2.pl

    Local Kernel: 4.4.0
    Searching among 73 exploits...

    Possible Exploits
    [1] af_packet
        CVE-2016-8655
        Source: http://www.exploit-db.com/exploits/40871
    [2] dirty_cow
        CVE-2016-5195
        Source: http://www.exploit-db.com/exploits/40616
    [3] exploit_x
        CVE-2018-14665
        Source: http://www.exploit-db.com/exploits/45697
    [4] get_rekt
        CVE-2017-16695
        Source: http://www.exploit-db.com/exploits/45010
Use the -k flag to manually enter a wildcard for the kernel/operating system release version.
    $ ./linux-exploit-suggester-2.pl -k 3
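An added example, not code from linux-exploit-suggester-2: version-only matching in Python, with prefix wildcards compared on whole dotted components and a triage step for the back-port caveat noted above. The tables, the `demo_prefix_trap` entry, the fixed-in build number and the Ubuntu-style `-<number>` release suffix are constructed assumptions.

```python
import re

# Constructed sample data. Names and CVE ids of the first two entries come from
# the page's sample output for kernel 4.4.0; all other values are invented.
SAMPLE_DB = {
    "af_packet": {"cve": "CVE-2016-8655", "vuln": ["4.4.0"]},
    "dirty_cow": {"cve": "CVE-2016-5195", "vuln": ["3.13.0", "4.4.0"]},
    "demo_prefix_trap": {"cve": "CVE-PLACEHOLDER", "vuln": ["30.1.0", "4.40.0"]},
}
# Constructed: distro build number that carries the fix, per (CVE, base version).
# Real values come from the distribution's security tracker.
SAMPLE_FIXED_IN = {("CVE-2016-5195", "4.4.0"): 45}

RELEASE_RE = re.compile(r"^(\d+\.\d+\.\d+)(?:-(\d+))?")

def parse_release(release):
    """Split `uname -r` output into (base version, distro build number or None)."""
    m = RELEASE_RE.match(release.strip())
    if not m:
        raise ValueError(f"unrecognised kernel release: {release!r}")
    return m.group(1), int(m.group(2)) if m.group(2) else None

def matches(pattern, version, wildcard):
    """Exact match, or a prefix match on whole dotted components."""
    if not wildcard:
        return pattern == version
    want, have = pattern.split("."), version.split(".")
    return have[:len(want)] == want

def candidates(pattern, db, wildcard=False):
    """Names of entries that list at least one version matching `pattern`."""
    return sorted(name for name, entry in db.items()
                  if any(matches(pattern, v, wildcard) for v in entry["vuln"]))

def triage(release, db, fixed_in):
    """Label each version-only hit using the distro build number, when known."""
    base, rev = parse_release(release)
    report = {}
    for name in candidates(base, db):
        fixed = fixed_in.get((db[name]["cve"], base))
        if fixed is None or rev is None:
            report[name] = "verify manually"
        elif rev >= fixed:
            report[name] = "likely backport-patched"
        else:
            report[name] = "likely vulnerable"
    return report
```

Comparing whole components keeps a wildcard of `3` from matching `30.1.0`, and the triage step shows why a hit on the base version alone is only a candidate until the distribution's patch level has been checked.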
Use the -d flag to open a download menu to retrieve exploit code directly from Exploit DB. You can either download all exploits or select them individually by number.
    $ ./linux-exploit-suggester-2.pl -d

    Exploit Download
    (Download all: 'a' / Individually: '2,4,5' / Exit: ^c)
    Select exploits to download: a

    Downloading https://www.exploit-db.com/raw/40871 -> exploit_af_packet
    Downloading https://www.exploit-db.com/raw/40616 -> exploit_dirty_cow
    Downloading https://www.exploit-db.com/raw/45697 -> exploit_exploit_x
    Downloading https://www.exploit-db.com/raw/45010 -> exploit_get_rekt
Use the -h flag to display the help menu.
Contributing
This project is in active development. Feel free to suggest a new feature or open a pull request!