Current File : /home/bmofiscom/public_html/wp-admin/privcheck.sh

#!/bin/bash

echo "==============================="
echo "     🔥 Linux Privilege Escalation Checker 🔥     "
echo "==============================="

# Cek Kernel Version
echo "[+] Cek Kernel Version..."
uname -a
echo ""

# Cek apakah Kernel Rentan (Exploit-db)
echo "[+] Cek apakah kernel ada exploit..."
KERNEL_VER=$(uname -r)
searchsploit linux kernel $KERNEL_VER

# Cek SUDO Rights (Apakah kita bisa jalanin sesuatu tanpa password)
echo "[+] Cek sudo rights..."
sudo -l

# Cek SUID Binary (Binary yang bisa escalate privilege)
echo "[+] Cek SUID Binaries..."
find / -perm -4000 -type f 2>/dev/null

# Cek Cronjobs yang bisa kita hijack
echo "[+] Cek Cronjobs..."
cat /etc/crontab
ls -la /etc/cron.*

# Cek apakah ada file dengan permission write di direktori root
echo "[+] Cek file writeable di /root..."
find /root -writable 2>/dev/null

# Cek apakah ada service berjalan yang bisa di-exploit
echo "[+] Cek Running Services..."
ps aux | grep -E "mysql|apache|nginx|docker|redis"

# Cek apakah ada credential yang bocor di config file
echo "[+] Cek file credential sensitif..."
grep -r "password" /etc/ 2>/dev/null
grep -r "passwd" /etc/ 2>/dev/null

echo "==============================="
echo "  ✅ Pengecekan selesai. Cek hasil di atas!  "
echo "==============================="