Hey guys! I have a ton of posts coming in the next couple of weeks, but one thing I wanted to go ahead and throw on here was DIGMEUP – a really simple automated Bash script for doing quick and dirty recon.
Thanks to @neoice and Joseph Dicarlo for helping me put this together. There is a download link for the PoC .RPM AND .DEB files at the bottom! (Please stop putting NOPASSWD in sudoers for package managers! I truly actually
(PART TWO AT BOTTOM OF THE PAGE) There are many well-known and documented attack vectors for the sudo command. Please see my Useful Resources page for the Windows & Linux Privilege Escalation piece that contains a ton of helpful knowledge
Head on over to the Useful Resources section located at the top of the site or at this link. Once you’re there, you’ll find my ever-growing and wide array of reference resources, as well as lesser-known gems and tricks that