0xsp Mongoose : Privilege Escalation Enumeration Toolkit (64/32 )

Using 0xsp mongoose you will be able to scan targeted operating system for any possible way for privilege escalation attacks,starting from collecting information stage until reporting information through 0xsp Web Application API .

User will be able to scan different Linux / windows Operation systems at same time with high performance , with out spending time looking inside the terminal or text file for what is found , mongoose shorten this way by allowing you to send these information directly into web application friendly interface through easy API endpoint .

project is divided into two sections server & agent .

server has been coded with PHP(codeigniter) you need to install this application into your preffered environment , you can use it online or on your localhost . user is free to choice .also contribution to enhance features are most welcomed .

Agent has been coded as ELF with Lazarus Free Pascal will be released with ( 32 , 64 bit) , while executing Agent on targeted system with all required parameters . user is free to decided whether willing to communicate with Server App to store results and explore them easily . or he can also run this tool with out Web Api Connection .

Also Read – Sudomy : Subdomain Enumeration Tool Created Using A Bash Script

Linux Agent Usage

  • make sure to give it executable permission chmod +x agent
  • ./agent -h (display help instructions)

-k –check kernel for common used privilige escalations exploits.
-u –Getting information about Users , groups , releated information.
-c –check cronjobs.
-n –Retrieve Network information,interfaces …etc.
-w –Enumerate for Writeable Files , Dirs , SUID ,
-i –Search for Bash,python,Mysql,Vim..etc History files.
-f –search for Senstive config files accessible & private stuff.
-o –connect to 0xsp Web Application.
-p –Show All process By running under Root,Check For Vulnerable Packages.
-e –Kernel inspection Tool, it will help to search through tool databases for kernel vulnerabilities.
-x –secret Key to authorize your connection with WebApp API (default is 0xsp).
-a –Display README.

Windows Agent Usage

-s –Enumerate Active Windows Services , Drivers ..etc .
-u –Getting information about Users , groups , Roles , Releated information .
-c –Search for Senstive Config files Accessible & Private stuff .
-n –Retrieve Network information,interfaces …etc .
-w –Enumerate for Writeable Directories , Access Permission Check , Modified Permissions.
-i –Enumerate Windows System information , Sessions , Releated information.
-l –Search in Any File by Specific Keywork , ex : agent.exe -l c:\ password *.config.
-o –Connect to 0xsp Mongoose Web Application API.
-p –Enumerate installed Softwares , Running Processes, Tasks .
-e –Kernel inspection Tool, it will help to search through tool databases for windows kernel vulnerabilities
-x –Secret Key to authorize your connection with WebApp.
-d –Download Files directly into Target Machine .
-t –Upload Files From Target Machine into Mongoose Web Application API. [agent.exe -t filename api secretkey]
-m –Run All Known Scan Types together .

Server Web App 

  • make sure to have at least php 5.6 or above
  • requires mysql 5.6
  • make sure to add Web application on root path / with folder name 0xsp as [ http://localhost/0xsp/] , Agent will not connect to it in case not configured correctly . the agent will connect only as following case :

./agent {SCAN OPTION} -o localhost -x secretkey

Examples With WebApi

./agent -c -o localhost -x 0xsp { enumerate for CRON Tasks and Transfer results into Web Api}
./agent -e -o localhost -x 0xsp { intelligent Exploits Detector }
./agent -c -e localhost -x 0sxp { will run two scans together and send found results directly }
./agent -m -o 10.10.13.1 -x 0xsp { RUN all Scans together and export it to Web API}

Examples Without WebApi

./agent -c -k -p { this will run 3 scans at the same time with out sending results into Web Api }

Agent Features

  • High performance , stability , Output results Generated while executing no delays
  • Ability to execute most of functions with intelligent techniques .
  • results are being sent to Quick Web API
  • Exception Handling .
  • inbuilt Json Data set for publicly disclosed Exploits .
  • Fast As Mongoose
R K

Recent Posts

Playwright-MCP : A Powerful Tool For Browser Automation

Playwright-MCP (Model Context Protocol) is a cutting-edge tool designed to bridge the gap between AI…

3 weeks ago

JBDev : A Tool For Jailbreak And TrollStore Development

JBDev is a specialized development tool designed to streamline the creation and debugging of jailbreak…

3 weeks ago

Kereva LLM Code Scanner : A Revolutionary Tool For Python Applications Using LLMs

The Kereva LLM Code Scanner is an innovative static analysis tool tailored for Python applications…

3 weeks ago

Nuclei-Templates-Labs : A Hands-On Security Testing Playground

Nuclei-Templates-Labs is a dynamic and comprehensive repository designed for security researchers, learners, and organizations to…

3 weeks ago

SSH-Stealer : The Stealthy Threat Of Advanced Credential Theft

SSH-Stealer and RunAs-Stealer are malicious tools designed to stealthily harvest SSH credentials, enabling attackers to…

3 weeks ago

ollvm-unflattener : A Tool For Reversing Control Flow Flattening In OLLVM

Control flow flattening is a common obfuscation technique used by OLLVM (Obfuscator-LLVM) to transform executable…

3 weeks ago