Purpose
Enumerates common Linux privilege escalation vectors after gaining initial access.
Checks SUID/SGID binaries, writable directories in $PATH, sudo -l output, cron
jobs readable by the current user, world-writable files, and the kernel version
against known local exploit patterns. Makes no network connections and has no
engagement workspace dependency.
Output
privesc-linux-<timestamp>.json— written locally on the target at the path specified by--output, or printed to stdout when omitted.
CLI
mg-privesc-linux --output /tmp/privesc.json
mg-privesc-linux
Notes
- Runs entirely from filesystem reads and subprocess calls to standard Unix tools.
- Output printed to stdout when
--outputis omitted, suitable for piping or copy-paste exfil. - Kernel version is recorded; matching against exploit databases is left to the analyst.