In this post, you will learn what is unix-privesc-check and the commands available and also below is the video format of the post do check it out. If you have any doubt please comment down below and I will help you out.
What is unix-privesc-check ❓
unix-privesc-check is a vulnerability analysis tool available for Linux only and this tool has simply only two commands, you will see that later below.
The tool tries to find corrupt files that could allow local unprivileged users to escalate privileges to other users or to access local apps. I hope you understood, the example will be database
It can run either as a normal user or as a root.
Also Read: Searchsploit full tutorial for beginners
Who developed the tool
The tool was developed by the company called pentest monkey, yes this tool is written by an org and I really like their stuff. Below is the link to download the tool and the tool guide…
Features the unix-privesc-check tool got
- Security patching
- Cracking passwords to check for weak ones
- IP Stack configuration
- Weak file permissions
- Configuration of local applications
- Other best-practise stuff
Useful commands in unix-privesc-check tool
–help: Shows help commands of the tool
standard: Standard scan on the internal target
detailed: Detailed scan of the target
How to use the unix-privesc-check tool
To use the tool just follow the below examples and I am sure by end of this post you will be familiar with the tool.
Example1: Standard scan
Doing a standard scan using the tool, just enter this following command
Example2: Detailed scan
In this example let’s see how to do a detailed scan
Example3: Save output
Let’s save the result in a .txt format
unix-privesc-check standard > file.txt
Instead of standard, you can add detailed
Finally, according to my knowledge, this is an awesome tool and some alternative for the tool is lynis and I have already written a blog post on lynis do check it out ????
Also Read: Full tutorial on Lynis tool from noob to pro
Also Read: Nessus vulnerability analysis