This project is strongly inspired by the GTFO bins project. Built for lazy hackers (like me) who prefer to do everything in one place
Tool to make privilege escalation on linux systems easier, using GTFObins (get the f*** out Binaries) techniques. The tool is designed to exploit, identify and list all binaries deconfigured for privilege exploitation: Binaries with SUID, Capabilities, SUDO privileges, reading privileged files.
GTFOBins is a community-driven project that aims to collect Unix binaries that can be abused for privilege escalation. Each entry in the GTFOBins database provides detailed information about a specific binary, including its functionality, potential vulnerabilities, and instructions on how to exploit it to gain escalated privileges. The database serves as a valuable resource for security researchers and system administrators.
curl https://raw.githubusercontent.com/Jsmoreira02/CatBinaries/refs/heads/main/CatBinaries.sh -o /tmp/CatBinaries.sh
-
SUID: If the binary has the SUID bit set, it can be exploited to give the highest privilege on Linux/Unix
-
Sudo Binaries: If the binary is allowed to run as superuser by sudo, it can be exploited to give the highest privilege on Linux/Unix
-
Capabilities: Exploit CAP_SETUID capability
-
Reverse Shell: Remote connection
-
File Read: It reads data from files, it may be used to do privileged reads
-
The script will recognize the binary and use the normally selected exploit method, but more versatile and new options to exploit the target
- ⏰ COMING SOON: New form of exploitation: Library Load
- ⏰ COMING SOON: Clearing the tracks feature
- This script will constantly receive new binaries and forms of exploitation
I am not responsible for any illegal use or damage caused by this tool. It was written for fun, not evil and is intended to raise awareness about cybersecurity.