提权

Windows

内核提权

别用python3

ms16-032

检测脚本

https://github.com/AonCyberLabs/Windows-Exploit-Suggester

python -m pip install xlrd==1.2.0

image-20230707155103311

python windows-exploit-suggester.py –database 2023-07-07-mssb.xls –systeminfo 1.txt

内核提权所用脚本

https://github.com/SecWiki/windows-kernel-exploits

linux

检测脚本

https://github.com/InteliSecureLabs/Linux_Exploit_Suggester

脏牛漏洞

gcc -pthread dirty.c -o dirty -lcrypt
利用版本必须低于如下版本

1
2
3
4
5
6
7
Centos7 /RHEL7    3.10.0-327.36.3.el7
Cetnos6/RHEL6     2.6.32-642.6.2.el6
Ubuntu 16.10         4.8.0-26.28
Ubuntu 16.04         4.4.0-45.66
Ubuntu 14.04         3.13.0-100.147
Debian 8                3.16.36-1+deb8u2
Debian 7                3.2.82-1