TryHackMe - Debug

Enumeration

IP: 10.10.51.225

We can scan the host using rustscan (like nmap, but faster!) for open ports:

rustscan -a 10.10.51.225 --timeout 5000 --tries 2 --ulimit 5000 -- -sC -sV

-a specifies the host IP address
--timeout specifies the timeout before saying the port is closed
--tries how many times to try and connect to the port
--ulimit specifies how many sockets to open at a time
-- for passing arguments for nmap
-sC -sV nmap arguments telling rustscan to run default scripts and version fingerprinting

Scan results:...

April 3, 2021 · 19 min · Umar_0x01

SUID Enumeration & Exploitation - The Automated Way!

What the heck is SUID3NUM!?

Are you also tired of finding && enumerating possibly exploitable SUID binaries like me!? Only to miss the ones you were going to escalate your privileges with? Welp, I just happened to develop a solution: SUID 3NUM. (Self promote, I will! - Yoda) A (not-so-cool-as-it-seems-like) standalone script supporting both python2 & python3 to find out all SUID binaries in a Linux box and do the following:...

October 23, 2019 · 3 min · Umar_0x01