展示HN:一个跨平台工具包,用于探索操作系统内部结构和功能
我和我的同事一起构建了这个工具包,以深入研究操作系统内部,并自动识别特权升级向量。该工具使用纯C语言编写,没有外部依赖,涵盖了从Linux能力和Docker逃逸到Windows令牌操作和服务权限的各个方面。我们相信,破解与保护系统之间的持续斗争是软件演变的最终驱动力。这个工具是我们对这一循环的贡献,旨在帮助研究人员理解如何在不同环境中发现和审计低级配置错误。
来源:<a href="https://github.com/Ferki-git-creator/ferki-escalator" rel="nofollow">https://github.com/Ferki-git-creator/ferki-escalator</a>
查看原文
I built this toolkit with my colleague to dive deep into OS internals and automate the identification of privilege escalation vectors. Written in pure C without external dependencies, it explores everything from Linux capabilities and Docker escapes to Windows token manipulation and service permissions. We believe that the constant struggle between breaking and securing systems is the ultimate driver of software evolution. This tool is our contribution to that cycle, designed for researchers who want to understand how low-level misconfigurations can be discovered and audited across different environments.<p>Source: <a href="https://github.com/Ferki-git-creator/ferki-escalator" rel="nofollow">https://github.com/Ferki-git-creator/ferki-escalator</a>