Witchdocsec
/
SUnami
mirror of https://github.com/witchdocsec/SUnami.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update README.md

main
witchdocsec 2023-06-11 23:56:28 +01:00 committed by GitHub
parent fc2ab1d2b0
commit 2cfda4b083
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
README.md
View File

@ -3,6 +3,9 @@
0 interaction privesc is always recommended but not always achievable. For this reason we have created a tool for the most trivial priv esc in history (with a few drawbacks).
This is not an exploit just a cheap but effective trick. The usecase is when you have a shell on a sudoers account but no sudo cred.
It works by manipulating sudo via aliasing in their .bashrc file to prepend a malicious attacker specified command first in the background.
This does mean you will need to wait for sudo to be executed.
This does mean you will need to wait for sudo to be executed.
# Notice
(currently sometimes the shells are stopped. we are working on a fix. for the time being we suggest exilfrating shadow or root ssh keys)