Quick Disclaimer Special thanks to the contributors at https://gtfobins.github.io/ for their outstanding work. Their comprehensive database has been a lifesaver. This script utilizes their remarkable data to assist in identifying and analyzing potential security misconfigurations. Kudos to the GTFOBins team!
With SuperHelper, you won't miss a thing! The script provides a clear and color-coded output, making it easy to identify important information. It checks available SUDO commands and available SUID binaries against https://gtfobins.github.io/, ensuring comprehensive coverage.
Looking at the output of tools like Linpeas, especially in the SUID section, can be tedious to read. Linpeas doesn't differentiate between default binaries with SUID or custom binaries. This oversight can lead to missing critical SUID configurations and wasting time on rabbit holes.
- Standalone and Portable: This script is designed for portability and can be used offline, although it needs to be run online at least once for initial setup.
- Misconfiguration Detection: Searches for misconfigurations on SUID binaries and SUDO commands.
- Tested on Python 3.11: Compatibility has been verified with Python 3.11.
- Download and JSONify Data: Fetches and processes data available on https://gtfobins.github.io/. The JSON file can be stored locally or saved into local variable.
- List Possible SUID Binaries: Identifies potential SUID binaries with entries on GTFOBin, helping to pinpoint exploitable configurations.
- List Custom SUID Binaries: Highlights custom SUID binaries that may have unique configurations on the system.
- List Available SUDO Commands: Displays a comprehensive list of available SUDO commands, cross-referenced with GTFOBin entries.
- Initial Setup: The script needs to run online at least once to parse GTFOBins site and create a JSON file used for subsequent offline runs.
Execute
python SuperHelper.py -dto parse GTFOBin database into json format and save it into file.
python main.py -d
- Local Variable: Parsed GTFOBin data as base64-encoded variable within the script. This allows offline usage without the need for online retrieval mini.
Execute
python SuperHelper.py -cbto obtain base64 encoded version of the json data.
python superhelper.py -cb
eyc3ei[...SNIPPED...]LCAnc3VkbyddfQ==
Copy the data and replace the variable BASE64_ENCODED_GTFOBIN variable which currently is set to CHANGETHIS in its place.
Now execute python SuperHelper.py -lb to use the base64 encoded json data.
python superhelper.py -s -S -p kali -lb
usage: superhelper.py [-h] [-s | --suid | --no-suid] [-S | --sudo | --no-sudo] [-p PASSWD] [-lb | --lbase64 | --no-lbase64] [-cb | --cbase64 | --no-cbase64] [-d | --download | --no-download]
Perform checks for SUDO/SUID
options:
-h, --help show this help message and exit
-s, --suid, --no-suid
Check for SUID binaries.
-S, --sudo, --no-sudo
Check for SUDO permissions.
-p PASSWD, --passwd PASSWD
Specify the password used to check SUDO (default is "")
-lb, --lbase64, --no-lbase64
Load GTFOBin data from local base64-encoded variable: (BASE64_ENCODED_GTFOBIN).
-cb, --cbase64, --no-cbase64
Create base64-encoded GTFOBin data. (Action requires an internet connection.)
-d, --download, --no-download
Download GTFOBins data. (Action requires an internet connection.)
python superhelper.py -d
python superhelper.py -cb
eyc3ei[...SNIPPED...]LCAnc3VkbyddfQ==
python superhelper.py -S -p Password123! -lb
python superhelper.py -s
python superhelper.py -s -S -p Password123!
This script is provided for educational purposes only. The author is not responsible
for any misuse or damage caused by the use of this script. Use it responsibly and
only on systems you have explicit permission to analyze.