
[Grey Hack] All-Purpose Script: Local Privilege Escalation Tool

Time: 2023-11-16 03:10:17


Contents

Script source
Usage
Results and example

Version: Grey Hack v0.7.3618 - Alpha


Script source

// Load metaxploit from /lib, falling back to the current folder.
metaxploit = include_lib("/lib/metaxploit.so")
if not metaxploit then
    metaxploit = include_lib(current_path + "/metaxploit.so")
end if
if not metaxploit then exit("Error: Can't find metaxploit library in the /lib path or the current folder")
// Best fallback found so far: memory address, unsafe value, and the library they belong to.
resultMem = ""
resultKey = ""
resultLib = null
// Pass 1: /lib/net.so (skipped if the library is missing).
metaLib = metaxploit.load("/lib/net.so")
if metaLib then
    print("Found " + metaLib.lib_name + " " + metaLib.version)
    exploits = metaxploit.scan(metaLib)
    for exploit in exploits
        print(exploit)
        // Every "Unsafe check: " entry in the scan output names one unsafe value.
        result_lists = metaxploit.scan_address(metaLib, exploit).split("Unsafe check: ")[1:]
        for result_list in result_lists
            target_str = result_list.split(".")[0]
            target_key = target_str.split(" ")[-1]
            // [3:-4] strips the <b> and </b> tags around the value name.
            result = metaLib.overflow(exploit, target_key[3:-4])
            if typeof(result) == "shell" then
                root_file = result.host_computer.File("/root")
                if root_file.has_permission("w") then
                    // Write access to /root: open this shell immediately.
                    result.start_terminal
                else if root_file.has_permission("r") then
                    // Read access to /root: prefer this shell as the fallback.
                    resultMem = exploit
                    resultKey = target_key[3:-4]
                    resultLib = metaLib
                else
                    // No access to /root: keep only the first such shell.
                    if resultMem == "" then
                        resultMem = exploit
                        resultKey = target_key[3:-4]
                        resultLib = metaLib
                    end if
                end if
            end if
        end for
    end for
end if
// Pass 2: /lib/init.so (required).
metaLib = metaxploit.load("/lib/init.so")
if not metaLib then exit("Can't find " + "/lib/init.so")
print("Found " + metaLib.lib_name + " " + metaLib.version)
if metaLib then
    exploits = metaxploit.scan(metaLib)
    for exploit in exploits
        print(exploit)
        result_lists = metaxploit.scan_address(metaLib, exploit).split("Unsafe check: ")[1:]
        for result_list in result_lists
            target_str = result_list.split(".")[0]
            target_key = target_str.split(" ")[-1]
            result = metaLib.overflow(exploit, target_key[3:-4])
            if typeof(result) == "shell" then
                root_file = result.host_computer.File("/root")
                if root_file.has_permission("w") then
                    result.start_terminal
                else if root_file.has_permission("r") then
                    // The original assigned an undefined name (kernel_router_exploit) here.
                    resultMem = exploit
                    resultKey = target_key[3:-4]
                    resultLib = metaLib
                else
                    if resultMem == "" then
                        resultMem = exploit
                        resultKey = target_key[3:-4]
                        resultLib = metaLib
                    end if
                end if
            end if
        end for
    end for
end if
// No shell with write access to /root was found: reuse the saved fallback,
// calling overflow on the library the saved address and value came from.
if resultLib then
    result = resultLib.overflow(resultMem, resultKey)
    if typeof(result) == "shell" then result.start_terminal
end if
exit("Fail...")

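Usage

Run the script locally; it can escalate from guest privileges to at least normal-user level.

Results and example

For example, suppose you have already obtained a shell with guest privileges.

Upload this script and the libraries it needs, then run it.

You now have a normal user identity.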
