https://github.com/jacoblightning/capscalate
A program to escalate to root privileges with many different capabilities
c capabilities cmake cpp linux linux-capabilities privilege-escalation
- Host: GitHub
- URL: https://github.com/jacoblightning/capscalate
- Owner: Jacoblightning
- License: unlicense
- Created: 2024-10-17T01:34:22.000Z (over 1 year ago)
- Default Branch: main
- Last Pushed: 2024-10-17T18:49:14.000Z (over 1 year ago)
- Last Synced: 2025-02-09T04:17:15.288Z (over 1 year ago)
- Topics: c, capabilities, cmake, cpp, linux, linux-capabilities, privilege-escalation
- Language: C++
- Homepage:
- Size: 12.7 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
README
# capscalate
A program to escalate to root privileges with many different capabilities
# Disclaimer
A few of these "exploits" can cause temporary or permanent damage to a system if the "exploit" fails. Always have a root shell open while running these so you can fix any issues.
## What can they do?
- The exploit for CAP_SYS_ADMIN can temporarily render your system unusable until a reboot, as it overwrites /usr/lib/libpam with a bind mount. If everything goes successfully, a reboot will not be required.
- The exploit for CAP_CHOWN could leave your system with a corrupted /etc/shadow. Make sure to back it up before running.
# How do I use these?
1. Clone the repo: `git clone https://github.com/Jacoblightning/capscalate && cd capscalate`
1.5. At this point in development, there is no autodetect functionality. You will have to edit main.cpp to run the one you want.
2. Build capscalate: `mkdir build && cd build && cmake .. && cmake --build .`
3. Add the capability you want to exploit, substituting its name for the placeholder: `sudo setcap <capability>+ep capscalate` (for example `cap_chown+ep`)
4. Run capscalate: `./capscalate`
5. Reap the benefits of a root shell.
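On the defensive side of step 3: `setcap` records the grant in the binary's `security.capability` extended attribute, so files prepared this way can be found by decoding that attribute. The following is an added example, not part of capscalate; the function names, the `FLAGGED` set (limited to the two capabilities this README names) and the default scan root `/usr` are assumptions.

```python
import os
import struct
import sys

# Constants from linux/capability.h (struct vfs_cap_data, little-endian u32 fields)
VFS_CAP_REVISION_MASK = 0xFF000000
VFS_CAP_FLAGS_EFFECTIVE = 0x000001
REVISION_WORDS = {0x01000000: 1, 0x02000000: 2, 0x03000000: 2}  # u32 pairs per revision
# Assumption: flag only the two capabilities the README names (bit numbers 0 and 21).
FLAGGED = {0: "cap_chown", 21: "cap_sys_admin"}


def decode_file_caps(raw: bytes) -> dict:
    """Decode a security.capability xattr into its effective flag and permitted mask."""
    if len(raw) < 4:
        raise ValueError("xattr too short")
    (magic_etc,) = struct.unpack_from("<I", raw, 0)
    words = REVISION_WORDS.get(magic_etc & VFS_CAP_REVISION_MASK)
    if words is None or len(raw) < 4 + 8 * words:
        raise ValueError("unknown revision or truncated xattr")
    permitted = 0
    for i in range(words):
        low, _inheritable = struct.unpack_from("<II", raw, 4 + 8 * i)
        permitted |= low << (32 * i)
    return {"effective": bool(magic_etc & VFS_CAP_FLAGS_EFFECTIVE), "permitted": permitted}


def flagged_caps(raw: bytes) -> list:
    """Names of FLAGGED capabilities present in the file's permitted set."""
    permitted = decode_file_caps(raw)["permitted"]
    return [name for bit, name in sorted(FLAGGED.items()) if permitted >> bit & 1]


def scan(root: str):
    """Yield (path, names, effective) for files under root carrying a flagged capability."""
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                raw = os.getxattr(path, "security.capability", follow_symlinks=False)
                hits = flagged_caps(raw)
            except (OSError, ValueError):
                continue  # no xattr, unreadable file, or malformed attribute
            if hits:
                yield path, hits, decode_file_caps(raw)["effective"]


if __name__ == "__main__":
    for path, hits, eff in scan(sys.argv[1] if len(sys.argv) > 1 else "/usr"):
        print(f"{path}: {','.join(hits)} effective={eff}")
```

Any hit outside the set of binaries your distribution ships with file capabilities deserves review; `setcap -r <file>` removes the attribute.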