Skip to content

Latest commit

 

History

History
74 lines (46 loc) · 10.3 KB

README.md

File metadata and controls

74 lines (46 loc) · 10.3 KB

Logo

SUIDump - Automatic SUID Checker

forksBDG starsBDG licenseBDG languageBDG

Usage on unauthorized systems is strictly forbidden

DEMO

Overview

SUIDump is a Python script designed to help identify potential privilege escalation vectors in Linux systems by analyzing setuid (SUID) binaries. SUID binaries are executable programs that run with the privileges of the file owner, potentially allowing unauthorized users to escalate their privileges.

This tool automates the process of:

  • Discovering SUID binaries on the system.
  • Checking each SUID binary for known privilege escalation vectors using GTFOBins, a curated list of Unix binaries that can be exploited by an attacker to bypass local security restrictions.

SUIDump provides a convenient way to assess the security of a Linux system and identify binaries that may pose a security risk. It offers both standard and verbose scanning modes, making it suitable for both quick assessments and in-depth security audits.

Features

  • Automated discovery of SUID binaries on the system.
  • Integration with GTFOBins for identifying potential privilege escalation vectors.
  • Customizable scanning options, including verbose mode.
  • Rate limiting handling for checking GTFOBins (retries with a delay).
  • User-friendly command-line interface.

Installation

Install SUIDump by using git

git clone https://github.com/lypd0/SUIDump && cd SUIDump && python3 SUIDump.py -h

Deployment

Deploy SUIDump by running the script using python3:

python3 SUIDump.py -h

or by using the following download&execute oneliner for dynamical deployment (using custom domain to avoid token limitations, feel free to replace URL with github raw):

curl https://cdn.lypd0.com/suidump | python3 

offline oneliner (no download or internet connection required, for CTFs)
⚠️ this command will clear the console and its previous text before execution to avoid environment lag issues

clear && echo "IyBTVUlEdW1wIC0gU1VJRCBQcml2aWxlZ2UgRXNjYWxhdGlvbiBDaGVja2VyCiMgVmVyc2lvbjogMS4wMi1vZmZsaW5lCiMgQXV0aG9yOiBseXBkMAojIEdpdEh1YiBSZXBvc2l0b3J5OiBodHRwczovL2dpdGh1Yi5jb20vbHlwZDAvU1VJRHVtcAoKaW1wb3J0IG9zCmltcG9ydCBhcmdwYXJzZQppbXBvcnQgc3VicHJvY2VzcwppbXBvcnQgdGltZQoKIyBMaXN0IG9mIFNVSUQgYmluYXJ5IG5hbWVzCnN1aWRfYmluYXJ5X25hbWVzID0gc2V0KFsKICAgICJhYS1leGVjIiwgImFiIiwgImFnZXR0eSIsICJhbHBpbmUiLCAiYXIiLCAiYXJqIiwgImFycCIsICJhcyIsICJhc2NpaS14ZnIiLCAiYXNoIiwgImFzcGVsbCIsICJhdG9ibSIsCiAgICAiYXdrIiwgImJhc2UzMiIsICJiYXNlNjQiLCAiYmFzZW5jIiwgImJhc2V6IiwgImJhc2giLCAiYmMiLCAiYnJpZGdlIiwgImJ1c3lib3giLCAiYnppcDIiLCAiY2FiYWwiLCAiY2Fwc2giLAogICAgImNhdCIsICJjaG1vZCIsICJjaG9vbSIsICJjaG93biIsICJjaHJvb3QiLCAiY2xhbXNjYW4iLCAiY21wIiwgImNvbHVtbiIsICJjb21tIiwgImNwIiwgImNwaW8iLCAiY3B1bGltaXQiLAogICAgImNzaCIsICJjc3BsaXQiLCAiY3N2dG9vbCIsICJjdXBzZmlsdGVyIiwgImN1cmwiLCAiY3V0IiwgImRhc2giLCAiZGF0ZSIsICJkZCIsICJkZWJ1Z2ZzIiwgImRpYWxvZyIsICJkaWZmIiwKICAgICJkaWciLCAiZGlzdGNjIiwgImRtc2V0dXAiLCAiZG9ja2VyIiwgImRvc2JveCIsICJlZCIsICJlZmF4IiwgImVsdmlzaCIsICJlbWFjcyIsICJlbnYiLCAiZXFuIiwgImVzcGVhayIsCiAgICAiZXhwYW5kIiwgImV4cGVjdCIsICJmaWxlIiwgImZpbmQiLCAiZmlzaCIsICJmbG9jayIsICJmbXQiLCAiZm9sZCIsICJnYXdrIiwgImdjb3JlIiwgImdkYiIsICJnZW5pZSIsCiAgICAiZ2VuaXNvaW1hZ2UiLCAiZ2ltcCIsICJncmVwIiwgImd0ZXN0ZXIiLCAiZ3ppcCIsICJoZCIsICJoZWFkIiwgImhleGR1bXAiLCAiaGlnaGxpZ2h0IiwgImhwaW5nMyIsCiAgICAiaWNvbnYiLCAiaW5zdGFsbCIsICJpb25pY2UiLCAiaXAiLCAiaXNwZWxsIiwgImpqcyIsICJqb2luIiwgImpxIiwgImpydW5zY3JpcHQiLCAianVsaWEiLCAia3NoIiwgImtzc2hlbGwiLAogICAgImt1YmVjdGwiLCAibGVzcyIsICJsb2dzYXZlIiwgImxvb2siLCAibHVhIiwgIm1ha2UiLCAibWF3ayIsICJtb3JlIiwgIm1vc3F1aXR0byIsICJtc2dhdHRyaWIiLCAibXNnY2F0IiwKICAgICJtc2djb252IiwgIm1zZ2ZpbHRlciIsICJtc2dtZXJnZSIsICJtc2d1bmlxIiwgIm11bHRpdGltZSIsICJtdiIsICJuYXNtIiwgIm5hd2siLCAibmNmdHAiLCAibmZ0IiwgIm5pY2UiLAogICAgIm5sIiwgIm5tIiwgIm5tYXAiLCAibm9kZSIsICJub2h1cCIsICJvZCIsICJvcGVuc3NsIiwgIm9wZW52cG4iLCAicGFuZG9jIiwgInBhc3RlIiwgInBlcmYiLCAicGVybCIsCiAgICAicGV4ZWMiLCAicGciLCAicGhwIiwgInBpZHN0YXQiLCAicHIiLCAicHR4IiwgInB5dGhvbiIsICJyYyIsICJyZWFkZWxmIiwgInJlc3RpYyIsICJyZXYiLCAicmx3cmFwIiwKICAgICJyc3luYyIsICJydG9ycmVudCIsICJydW4tcGFydHMiLCAicnZpZXciLCAicnZpbSIsICJzYXNoIiwgInNjYW5tZW0iLCAic2VkIiwgInNldGFyY2giLCAic2V0ZmFjbCIsCiAgICAic2V0bG9jayIsICJzaHVmIiwgInNvZWxpbSIsICJzb2Z0bGltaXQiLCAic29ydCIsICJzcWxpdGUzIiwgInNzIiwgInNzaC1hZ2VudCIsICJzc2gta2V5Z2VuIiwKICAgICJzc2gta2V5c2NhbiIsICJzc2hwYXNzIiwgInN0YXJ0LXN0b3AtZGFlbW9uIiwgInN0ZGJ1ZiIsICJzdHJhY2UiLCAic3RyaW5ncyIsICJzeXNjdGwiLCAic3lzdGVtY3RsIiwKICAgICJ0YWMiLCAidGFpbCIsICJ0YXNrc2V0IiwgInRibCIsICJ0Y2xzaCIsICJ0ZWUiLCAidGVycmFmb3JtIiwgInRmdHAiLCAidGljIiwgInRpbWUiLCAidGltZW91dCIsCiAgICAidHJvZmYiLCAidWwiLCAidW5leHBhbmQiLCAidW5pcSIsICJ1bnNoYXJlIiwgInVuc3F1YXNoZnMiLCAidW56aXAiLCAidXBkYXRlLWFsdGVybmF0aXZlcyIsICJ1dWRlY29kZSIsCiAgICAidXVlbmNvZGUiLCAidmFncmFudCIsICJ2aWV3IiwgInZpZ3IiLCAidmltIiwgInZpbWRpZmYiLCAidmlwdyIsICJ3M20iLCAid2F0Y2giLCAid2MiLCAid2dldCIsCiAgICAid2hpcHRhaWwiLCAieGFyZ3MiLCAieGRvdG9vbCIsICJ4bW9kbWFwIiwgInhtb3JlIiwgInh4ZCIsICJ4eiIsICJ5YXNoIiwgInpzaCIsICJ6c29lbGltIgpdKQoKIyBGdW5jdGlvbiB0byBmaW5kIFNVSUQgYmluYXJpZXMKZGVmIGZpbmRfc3VpZF9iaW5hcmllcygpOgogICAgc3VpZF9iaW5hcmllcyA9IFtdCiAgICB0cnk6CiAgICAgICAgIyBUcmF2ZXJzZSB0aGUgZmlsZXN5c3RlbSB0byBmaW5kIFNVSUQgYmluYXJpZXMKICAgICAgICBmb3Igcm9vdCwgXywgZmlsZXMgaW4gb3Mud2FsaygnLycpOgogICAgICAgICAgICBmb3IgZmlsZW5hbWUgaW4gZmlsZXM6CiAgICAgICAgICAgICAgICBmaWxlcGF0aCA9IG9zLnBhdGguam9pbihyb290LCBmaWxlbmFtZSkKICAgICAgICAgICAgICAgICMgQ2hlY2sgaWYgdGhlIGZpbGUgaXMgZXhlY3V0YWJsZSBhbmQgaGFzIHRoZSBTVUlEIGJpdCBzZXQKICAgICAgICAgICAgICAgIGlmIG9zLmFjY2VzcyhmaWxlcGF0aCwgb3MuWF9PSykgYW5kIG9zLnN0YXQoZmlsZXBhdGgpLnN0X21vZGUgJiAwbzQwMDA6CiAgICAgICAgICAgICAgICAgICAgc3VpZF9iaW5hcmllcy5hcHBlbmQoZmlsZXBhdGgpCiAgICBleGNlcHQgS2V5Ym9hcmRJbnRlcnJ1cHQ6CiAgICAgICAgcHJpbnQoIlxuXDAzM1szMW1bLV1cMDMzWzBtIFNjYW4gaW50ZXJydXB0ZWQgYnkgdGhlIHVzZXIuIikKICAgICAgICBleGl0KDEpCiAgICBleGNlcHQgRXhjZXB0aW9uIGFzIGU6CiAgICAgICAgIyBIYW5kbGUgYW55IGV4Y2VwdGlvbnMgdGhhdCBtYXkgb2NjdXIgZHVyaW5nIHRoZSBzZWFyY2gKICAgICAgICBwcmludChmIlwwMzNbMzFtWy1dXDAzM1swbSBFcnJvciB3aGlsZSBmaW5kaW5nIFNVSUQgYmluYXJpZXM6IHtzdHIoZSl9IikKICAgIHJldHVybiBzdWlkX2JpbmFyaWVzCgojIEZ1bmN0aW9uIHRvIGNoZWNrIFNVSUQgYmluYXJpZXMgYWdhaW5zdCBHVEZPQmlucwpkZWYgY2hlY2tfbG9jYWxfYmluYXJ5KGJpbmFyeV9uYW1lLCB2ZXJib3NlPUZhbHNlLCByZXRyaWVzPTMsIHJldHJ5X2RlbGF5PTUpOgogICAgdHJ5OgogICAgICAgIGlmIGJpbmFyeV9uYW1lIGluIHN1aWRfYmluYXJ5X25hbWVzOgogICAgICAgICAgICBwcmludChmIlxuXDAzM1sxOzMybVsrXVwwMzNbMG0ge2JpbmFyeV9uYW1lfSAtLT4gcG90ZW50aWFsIHZlY3RvciBmb3VuZCIpCiAgICAgICAgICAgIHJldHVybiBUcnVlCiAgICAgICAgZWxzZToKICAgICAgICAgICAgaWYgdmVyYm9zZToKICAgICAgICAgICAgICAgIHByaW50KGYiXDAzM1szNm1bKl1cMDMzWzBtIHtiaW5hcnlfbmFtZX0gLS0+IG5vdCB2dWxuZXJhYmxlIikKICAgIGV4Y2VwdCBLZXlib2FyZEludGVycnVwdDoKICAgICAgICBwcmludCgiXG5cMDMzWzMxbVstXVwwMzNbMG0gU2NhbiBpbnRlcnJ1cHRlZCBieSB0aGUgdXNlci4iKQogICAgICAgIGV4aXQoMSkKICAgIGV4Y2VwdCBFeGNlcHRpb24gYXMgZToKICAgICAgICBpZiByZXRyaWVzID4gMDoKICAgICAgICAgICAgIyBIYW5kbGUgcmV0cmllcwogICAgICAgICAgICBwcmludChmIlwwMzNbMzFtWy1dXDAzM1swbSBFcnJvciB3aGlsZSBjaGVja2luZyB7YmluYXJ5X25hbWV9LCByZXRyeWluZy4uLiIpCiAgICAgICAgICAgIHRpbWUuc2xlZXAocmV0cnlfZGVsYXkpCiAgICAgICAgICAgIGNoZWNrX2xvY2FsX2JpbmFyeShiaW5hcnlfbmFtZSwgdmVyYm9zZSwgcmV0cmllcyAtIDEpCiAgICAgICAgZWxzZToKICAgICAgICAgICAgcHJpbnQoZiJcMDMzWzMxbVstXVwwMzNbMG0gRXJyb3Igd2hpbGUgY2hlY2tpbmcge2JpbmFyeV9uYW1lfSIpCiAgICByZXR1cm4gRmFsc2UKCiMgTWFpbiBmdW5jdGlvbgpkZWYgbWFpbigpOgogICAgcHJpbnQoIiAiKQogICAgcHJpbnQoIlwwMzNbMTszNm0gICtcMDMzWzBtIC4tLiAuIC4gLi0uIC4tLiAuIC4gLiAgLiAuLS4gXDAzM1sxOzM2bSsgIikKICAgIHByaW50KCJcMDMzWzE7MzZtICsgXDAzM1swbSBgLS4gfCB8ICB8ICB8ICApfCB8IHxcL3wgfC0nIFwwMzNbMTszNm0gKyAiKSAgIAogICAgcHJpbnQoIlwwMzNbMTszNm0gICtcMDMzWzBtIGAtJyBgLScgYC0nIGAtJyBgLScgJyAgYCAnICAgXDAzM1sxOzM2bSsgIikKICAgIHByaW50KCJcMDMzWzM2bSAgICAgICA8XDAzM1swbSAxLjAyLW9cMDMzWzM2bSBAXDAzM1swbSBseXBkMC5jb21cMDMzWzM2bSA+XG5cMDMzWzBtIikKICAgIHByaW50KCIiKQoKICAgIHBhcnNlciA9IGFyZ3BhcnNlLkFyZ3VtZW50UGFyc2VyKGRlc2NyaXB0aW9uPSJTVUlEIFByaXZpbGVnZSBFc2NhbGF0aW9uIENoZWNrZXIiKQogICAgcGFyc2VyLmFkZF9hcmd1bWVudCgiLXYiLCAiLS12ZXJib3NlIiwgYWN0aW9uPSJzdG9yZV90cnVlIiwgaGVscD0iUHJpbnQgYWRkaXRpb25hbCBpbmZvcm1hdGlvbiBkdXJpbmcgc2NhbiIpCiAgICBhcmdzID0gcGFyc2VyLnBhcnNlX2FyZ3MoKQoKICAgIHByaW50KGYiXDAzM1szNm1bfl1cMDMzWzBtIENvbGxlY3RpbmcgU1VJRCBmaWxlcy4uLiIpCiAgICBzdWlkX2JpbmFyaWVzID0gZmluZF9zdWlkX2JpbmFyaWVzKCkKICAgIHByaW50KGYiXDAzM1szNm1bfl1cMDMzWzBtIENvbGxlY3RlZCAoe2xlbihzdWlkX2JpbmFyaWVzKX0pIFNVSUQgYmluYXJpZXMuIikKICAgIHByaW50KGYiXDAzM1szNm1bfl1cMDMzWzBtIFNjYW5uaW5nLi4uIikKCiAgICBpZiBub3Qgc3VpZF9iaW5hcmllczoKICAgICAgICBwcmludCgiXDAzM1szMW1bLV1cMDMzWzBtIE5vIFNVSUQgYmluYXJpZXMgZm91bmQuIikKICAgICAgICByZXR1cm4KCiAgICBmb3IgYmluYXJ5X3BhdGggaW4gc3VpZF9iaW5hcmllczoKICAgICAgICB0aW1lLnNsZWVwKDAuMDUpCiAgICAgICAgYmluYXJ5X25hbWUgPSBvcy5wYXRoLmJhc2VuYW1lKGJpbmFyeV9wYXRoKQogICAgICAgIGlmIGNoZWNrX2xvY2FsX2JpbmFyeShiaW5hcnlfbmFtZSwgYXJncy52ZXJib3NlKToKICAgICAgICAgICAgcHJpbnQoIlwwMzNbMzRtICAgID5cMDMzWzBtIFBvdGVudGlhbFwwMzNbMTszMm0gVlVMTkVSQUJMRVwwMzNbMG0gYmluYXJ5IGZvdW5kIikKICAgICAgICAgICAgcHJpbnQoZiJcMDMzWzM0bSAgICA+XDAzM1swbSBMb2NhdGlvbjpcMDMzWzM7OTBtIHtiaW5hcnlfcGF0aH0iKQogICAgICAgICAgICBwcmludChmIlwwMzNbMzRtICAgID5cMDMzWzBtIEV4cGxvaXQ6XDAzM1szOzkwbSBodHRwczovL2d0Zm9iaW5zLmdpdGh1Yi5pby9ndGZvYmlucy97YmluYXJ5X25hbWV9I3N1aWRcblwwMzNbMG0iKQogICAgICAgICAgICAKICAgIHByaW50KCJcMDMzWzM2bVt+XVwwMzNbMG0gU2NhbiB0ZXJtaW5hdGVkLlxuICIpICAgICAgIAoKaWYgX19uYW1lX18gPT0gIl9fbWFpbl9fIjoKICAgIG1haW4oKQo=" | base64 -d | python3

Contributions

Contributions, bug reports, and feature requests are welcome! Feel free to open an issue or submit a pull request.

Credits

SUIDump acknowledges and expresses gratitude to the GTFOBins project for providing a valuable resource that makes privilege escalation vector identification more accessible.

License

This project is licensed under the MIT License. Please review the LICENSE file for more details.