Intro

Rootend is an open source python-based tool that helps penetration testers and CTF players with their *nix Enumeration needs and also acts as an Auto Privilege Escalation tool.

Rootend’s main goal is to pinpoint enumeration and exploitation of system misconfigurations. It has features that constitute it as pretty unique tool.

 

Features

Rootend checks a certain variety of SUID Binary Files and it provides the user with a tip of how to leverage them to exploit the system, or in some cases it exploits them directly in order to provide system level access.

It identifies weak permissions or ownership of important system files, and assists the attacker to exploit them and gain root access.

Rootend can find default or custom PHP configuration files.

Can also discover system capabilities and inform the user of ways to exploit them.

Rootend is capable of detecting system containers misconfigurations.

It identifies world writable files of root user.

Finally, Rootend can observe some rare privilege escalation scenarios, like REDIS & APACHE2 writable configuration files.

 

Quality of Life Features

Rootend comes with a few Quality of Life features that include the following.

It comes with two modes, AUTO, for the penetration tester with a life or MANUAL for the brave ones.

It reduces the output production compared to the “competition”

And finally, if you want to colour-code your results, Rootend comes with that option.

 

Summary

Rootend is one of the most powerful tools for *nix Enumeration and Privilege Escalation out there.

You can find the latest version at TwelveSec’s github page.

Please use responsibly. Enjoy!

Share This

Share this post with your friends!