hak5
/
omg-payloads
mirror of https://github.com/hak5/omg-payloads.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
omg-payloads/payloads/library/execution/run-command-as-root_without.../README.md

1.1 KiB
Raw Permalink Blame History

Run any command as root, without knowing the sudo password

A payload that allows for executing any bash command on the targets computer as root, without knowing their sudo password.

Category: Execution

Description

This payload intercepts the .bashrc file so when the user uses sudo they type their password in our fake prompt letting us execute any command with root. We also execute the targets original command, and remove our injection in the .bashrc file to remove traces.

Getting started

Dependencies

  • Linux
  • Bash

Prerequisites

If your target uses Gnome, uncomment this line in the payload (uncomment by removing REM_BLOCK and END_REM:

REM_BLOCK
Use this if your targets DE is Gnome (remove REM_BLOCK and END_REM + this line)
ALT F2
DELAY 100
STRINGLN xterm
DELAY 500
END_REM

If your target uses a DE or WM that lets you open a terminal with ctrl-alt-t uncomment this line:

REM_BLOCK
Use this if your targets DE or WM has the ctrl-alt-t shortcut (remove REM_BLOCK and END_REM + this line)
CTRL-ALT t
DELAY 500
END_REM

Settings

  • #cmd what command to run as root, do not include sudo