Post-Exploitation

>_PrivEsc Scanner

Linux and Windows privilege escalation path finder. Analyzes SUID binaries, writable cron jobs, sudo misconfigs, and unpatched kernel CVEs.

View Source

Key Features

SUID/SGID Enumeration: Find all SUID binaries and cross-reference with GTFOBins for escalation paths
Sudo Misconfig Detection: Parse sudoers for dangerous rules and wildcard exploits
Cron Job Analysis: Find writable scripts, world-writable directories in PATH
Kernel CVE Matching: Compare running kernel version against known local privilege escalation CVEs

Example Usage

$odivex-tools privesc --os linux --quick

$odivex-tools privesc --os linux --full --output report.json

$odivex-tools privesc --os windows --technique all

Setup

Install via the OdiVex CLI framework:

curl -sL https://tools.odivex.com/privesc | python3

The Privilege Escalation Problem

Getting a foothold is only half the battle. Escalating from a low-privileged user to root or SYSTEM requires systematic enumeration of dozens of potential attack paths. PrivEsc Scanner automates this enumeration so you can focus on exploitation.

Linux Quick Mode

Quick mode runs in under 30 seconds and covers the most common paths:

odivex-tools privesc --os linux --quick

Checks: SUID binaries, sudo -l, writable /etc/passwd, world-writable cron, weak service scripts

Windows Coverage

On Windows, PrivEsc Scanner covers:

AlwaysInstallElevated registry keys
Unquoted service paths
Weak service permissions (SERVICE_ALL_ACCESS)
DLL hijacking opportunities
Token impersonation privileges (SeImpersonatePrivilege)

# PowerShell one-liner
IEX (New-Object Net.WebClient).DownloadString('https://tools.odivex.com/privesc.ps1')

Establishing Connection...