Script to find the binaries which are vulnerable to SUID bit privilege escalation in the Linux environment.
Once we have found every binary with its SUID bit set, it is not easy to tell which of them are exploitable, because not all of them are. Normally we look up each binary one by one in GTFOBins and check whether it is exploitable for SUID bit escalation. This script saves that time. All you need to do is save the output of the find command to a file on your own machine and run this tool. It looks up every binary in GTFOBins and reports which of them are exploitable.
First, find all the binaries with the SUID bit set in the target environment with the following command:
find / -perm -u=s -type f 2>/dev/null
Copy the results of the above command and save them in a file, let's say results.txt.
Clone the repository:
git clone https://github.com/0xt0pus/SUID-Exploit-Finder.git && cd SUID-Exploit-Finder
Run the script with the path to the results file as its argument:
python script.py /tmp/results.txt
Or, if the script and the results file are in the same directory:
python script.py results.txt
It will list all the binaries which can be exploited to get root access to the system.
Now, head over to https://gtfobins.github.io/ and search for the binary which the script gave you.
Check for the command which can be used for the privilege escalation under SUID.
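The same matching idea can be used as a hardening audit of your own hosts. The sketch below is an added example, not the code of script.py: `WATCHLIST`, `SAMPLE_RESULTS`, `candidate_names` and `audit` are hypothetical names, and the watchlist and the find output are constructed samples. It also handles versioned file names, blank lines and duplicate paths in the results file.

```python
import os
import re

# Constructed sample watchlist (assumption): names to flag for review. In a
# real audit, load this from your local copy of the GTFOBins SUID entries.
WATCHLIST = {"bash", "cp", "find", "nmap", "python", "vim"}

# Constructed sample of `find / -perm -u=s -type f 2>/dev/null` output.
SAMPLE_RESULTS = """\
/usr/bin/passwd
/usr/bin/find
/usr/bin/python3.8

/usr/local/bin/vim.basic
/bin/su
/usr/bin/find
"""


def candidate_names(path):
    """Names a file may be listed under: python3.8 -> python3.8, python3, python."""
    base = os.path.basename(path.strip())
    head = base.split(".", 1)[0]                  # vim.basic -> vim
    unversioned = re.sub(r"[\d\-]+$", "", head)   # python3 -> python
    names = []
    for name in (base, head, unversioned):
        if name and name not in names:
            names.append(name)
    return names


def audit(results_text, watchlist=WATCHLIST):
    """Return sorted (path, matched_name) pairs for SUID files needing review."""
    flagged = {}
    for line in results_text.splitlines():
        path = line.strip()
        if not path.startswith("/"):   # skip blank lines and stray shell noise
            continue
        for name in candidate_names(path):
            if name in watchlist:
                flagged[path] = name   # dict de-duplicates repeated paths
                break
    return sorted(flagged.items())


if __name__ == "__main__":
    for path, name in audit(SAMPLE_RESULTS):
        # A name match is a lead, not proof: confirm the file, then decide
        # whether the SUID bit is needed at all (remove it with chmod u-s).
        print(f"REVIEW {path} (matches watchlist entry '{name}')")
```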