BeRoot is a post-exploitation tool to check for common misconfigurations which can allow an attacker to escalate their privileges.
The main goal of BeRoot is to print only the information that has been found as a possible way for privilege escalation rather than a configuration assessment of the host by listing all services, all processes, all network connection, etc. This project works on Windows, Linux, and Mac OS. But in this demonstration, we will be working on Ubuntu Desktop.
Downloading BeRoot
It can be downloaded in the Kali Linux with the following command;
git clone https://github.com/AlessandroZ/BeRoot.git
Once the download completes, make sure you have python3 installed as it is a pre-requisite for running it. You need to navigate to its downloaded directory to run it;
Running BeRoot
We will first look for the help file;
python3 beroot.py -h
So it seems that this is a type of tool which directly runs with no necessary information in the help option. So I will run directly in the host’s shell.
python3 beroot.py -h
Now, it will try to analyze all the possible loopholes which could lead to the escalation of privileges using SUID bins, checking file permissions, sudo rules, NFS squashing, docker, and kernel exploits. As you observe now that it is showing the output of the configurations that could lead to the exploitation of privilege. So far I will check with one of the commands which the BeRoot had shown in the results if it is working or not;
It worked successfully, it will also show another output command and exploits according to the operating system in the results.
