LEAP
LEAP: Local Enumeration And Privesc. Framework for 4061CEM project.
Team Members
- JG
- BF
- JO
Task Assignments
JG
- Port Scanner - Find open TCP and UDP Ports
- Daemon Privilege Escalation - Uses SUID Privilege escaltaion methods to get into a root shell
- System Information Enumeration - Finds OS and System information for Windows and Linux Users
- SUID File Enumeration - Finds all the files on a system with SUID privileges
- Grep Privilege Escalation - Uses SUID exploits to read any file of the users choice
- Windows Install as User - Exploits update.exe within Microsoft Teams to allow users download files without permission
BF
- Host info - gets information about the user such as their userID, Hostname, current path etc
- system info - gets the OS release and kernal version
- /cat - reads data from files
JO
- Host Enum - gets all users and all groups
- Hardware Enum - Displays CPU info and Linux Versions
- Curl Escalator - reads data from shadow file
Team Standardisation
After a meeting we have decided to make sure we all follow similar patterns with our code to make it easier to use. We decided to make our own plugin files and import these to leap.py. We should follow the pattern of: ititials_plugins for example jg_plugins and then the methods should follow ititials+type+method for example jgPrivescDaemon.