## https://sploitus.com/exploit?id=19D8C411-BF0B-5501-9584-B8883B7B99DF
# ๐ก๏ธ Linux Privilege Escalation Toolkit



## ๐ Project Overview
**LinuxPrivEscToolkit** is an automated security auditing tool designed to detect common **Privilege Escalation** vectors on Linux systems.
In cybersecurity, "Privilege Escalation" is the act of going from a limited user (guest) to an administrator (Root). This tool acts as a **Purple Team** utility:
* ๐ด **Red Teamers** can use it to rapidly identify potential attack paths during a CTF or engagement.
* ๐ต **Blue Teamers** can use it to audit systems for misconfigurations and harden defenses.
Instead of manually checking for misconfigurations, this Python script automates the enumeration process, scanning the system for "open doors" and generating a detailed audit report.
---
## ๐ Key Features
### 1. ๐ System Reconnaissance
* Identifies OS release, Kernel version, and architecture.
* Checks current user privileges (Limited vs. Root).
### 2. ๐ก๏ธ SUID/SGID Binary Scanner
* Scans the entire filesystem for binaries with the **SUID bit** set.
* **Why it matters:** SUID binaries run with the permissions of the file owner (usually Root). If a vulnerability exists in an SUID binary (like `vim` or `python`), a low-level user can exploit it to gain Root access.
### 3. ๐ Weak Permissions Audit
* Checks critical system files (`/etc/passwd`, `/etc/shadow`, `/etc/sudoers`) for World-Writable permissions.
* Scans for misconfigured configuration files (e.g., web server configs) that allow unauthorized modification.
### 4. โฐ Cron Job Analysis
* Analyzes system cron jobs (`/etc/crontab`) to find scripts running as Root that are writable by standard users.
* **Vector:** If a user can write to a script that Root runs automatically, they can insert malicious code to execute with Root privileges.
### 5. โข๏ธ Kernel Exploit Detection
* Compares the current Kernel version against known critical vulnerabilities (e.g., **Dirty COW**, **Dirty Pipe**).
### 6. ๐ Automated Reporting
* Displays color-coded alerts in the terminal for real-time analysis.
* Saves a permanent log to `audit_report.txt` for documentation.
---
## ๐ ๏ธ Installation & Usage
### 1. Clone the Repository
```bash
git clone [https://github.com/Gaurav-Cyberbuddy/LinuxPrivEscToolkit.git](https://github.com/Gaurav-Cyberbuddy/LinuxPrivEscToolkit.git)
cd LinuxPrivEscToolkit