LEAP
4061CEM Coursework - LEAP: Local Enumeration And Privilege Escalation
Authors
Amrit Deol
Darin Elsharkawy
George Conington
Individual Functionality
Amrit
This section will give an overview of my individual work (More detail in the documentation). Another section will discuss merged usage.
All of my work will start with AD_ in the master branch.
Plugins
| Enumeration (Windows and Linux-based) | Privilege Escalation |
|---|---|
Host Information
|
Bash Reverse Shell - Linux |
DNS Enumeration
|
Meterpreter Shell - Windows |
Usage (for my plugins only - before merge)
For the basic/intermediate task (/src), everything is run through the 'miniMenu.py' file which is run in the terminal. options
will be printed to the user where they can make their selection by entering a number - this will change when everyone's work is
merged, in this case, one menu will be used to call upon everyone's classes.
For the advanced task (/src/Advanced), options will have to be defined in the terminal before running the program. Instead, options
are displayed by the use of --help or -h and they can input accordingly.
For the advanced++ task (/src/AdvancedPlus), firstly a file is sent over to the target, it can be interacted with through your local shell on the host. Once the file is sent over, it can be executed from the home terminal to enumerate/escalate the system.
Darin - Linux
Enumeration:
- Tools installed on system
- Files and directories owned by the user
Privilege Escalation:
- Shell in Root
George - Linux/Windows
Enumeration; - SUID (Linux) - System info (Windows) - SID (Windows) - SGID (Linux) - Ports (windows and Linux) Privilege: - Reverse shell (Linux)
all can be run thought Main.py which is run in the terminal and have completed basic and imtermediate tasks
Main Functionality
Naming Conventions
- [Initials]Enum/PrivEsc.py
Usage
- Each piece of functionality will be imported as a class in a menu
- Everything will be run from Menu.py