{"id":13540335,"url":"https://github.com/initstring/uptux","last_synced_at":"2026-03-02T18:02:50.571Z","repository":{"id":130807636,"uuid":"160078425","full_name":"initstring/uptux","owner":"initstring","description":"Linux privilege escalation checks (systemd, dbus, socket fun, etc)","archived":false,"fork":false,"pushed_at":"2019-10-02T22:11:16.000Z","size":54,"stargazers_count":289,"open_issues_count":1,"forks_count":35,"subscribers_count":10,"default_branch":"master","last_synced_at":"2025-03-27T02:11:58.388Z","etag":null,"topics":["hacking","pentesting","privilege-escalation"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/initstring.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null}},"created_at":"2018-12-02T18:46:53.000Z","updated_at":"2025-03-19T11:39:49.000Z","dependencies_parsed_at":"2023-05-18T13:45:22.689Z","dependency_job_id":null,"html_url":"https://github.com/initstring/uptux","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/initstring%2Fuptux","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/initstring%2Fuptux/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/initstring%2Fuptux/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/initstring%2Fuptux/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/initstring","download_url":"https://codeload.github.com/initstring/uptux/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248703200,"owners_count":21148118,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["hacking","pentesting","privilege-escalation"],"created_at":"2024-08-01T09:01:47.041Z","updated_at":"2026-03-02T18:02:45.546Z","avatar_url":"https://github.com/initstring.png","language":"Python","readme":"# uptux\nSpecialized privilege escalation checks for Linux systems.\n\nImplemented so far:\n- Writable systemd paths, services, timers, and socket units\n- Disassembles systemd unit files looking for:\n    - References to executables that are writable\n    - References to broken symlinks pointing to writeable directories\n    - Relative path statements\n    - Unix socket files that are writeable (sneaky APIs)\n- Writable D-Bus paths\n- Overly permissive D-Bus service settings\n- HTTP APIs running as root and responding on file-bound unix domain sockets\n\nThese checks are based on things I encounter during my own research, and this\ntool is certainly not inclusive of everything you should be looking at. Don't\nskip the classics!\n\n# Usage\nAll functionality is contained in a single file, because installing packages\nin restricted shells is a pain. Python2 compatibility will be maintained for\nthose crap old boxes we get stuck with. However, as the checks are really\naimed at more modern user-space stuff, it is unlikely to uncover anything\ninteresting on an old box anyway.\n\nThere is nothing to install, just grab the script and run it.\n\n```\nusage: uptux.py [-h] [-n] [-d]\n\nPrivEsc for modern Linux systems, by initstring (github.com/initstring)\n\noptional arguments:\n  -h, --help       show this help message and exit\n  -n, --nologging  do not write the output to a logfile\n  -d, --debug      print some extra debugging info to the console\n```\n\n# Testing\nFor testing purposes, you can run the `tests/r00tme.sh` script, which will\ncreate many vulnerable configuration issues on your system that uptux can\nidentify. Running `tests/unr00tme.sh` will undo these changes, but don't hold\nme to it. Needless to say, this is dangerous.\n\nUse a VM for testing this way.\n","funding_links":[],"categories":["\u003ca id=\"3ed50213c2818f1455eff4e30372c542\"\u003e\u003c/a\u003e工具","Linux"],"sub_categories":["\u003ca id=\"4c2095e7e192ac56f6ae17c8fc045c51\"\u003e\u003c/a\u003e提权\u0026\u0026PrivilegeEscalation","Tools"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Finitstring%2Fuptux","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Finitstring%2Fuptux","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Finitstring%2Fuptux/lists"}